[
https://issues.apache.org/jira/browse/DRILL-3880?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15131267#comment-15131267
]
John Omernik commented on DRILL-3880:
-------------------------------------
So I came up with another use case (other than the ability to provide a URL and
username, but no password, and have it prompt for the password).
I would like it so that if a URL is provided and authentication is required (if
it's hard to tell whether authentication is required, then perhaps another flag
that would allow specifying "prompt" for credentials), then it would be like
starting sqlline, typing the connect URL with !connect, and going from there.
So:
sqlline -u %YOURURL% -n myusername
Results in asking for a password and then completing the process.
sqlline -u %YOURURL% -P # (-P may be prompt for credentials)
Results in it asking for username and then password, as if the user started
sqlline and typed
>!connect %YOURURL%

> sqlline does not allow for a password prompt - security issue
> -------------------------------------------------------------
>
> Key: DRILL-3880
> URL: https://issues.apache.org/jira/browse/DRILL-3880
> Project: Apache Drill
> Issue Type: Improvement
> Components: Client - CLI
> Affects Versions: 1.1.0
> Reporter: John Omernik
> Labels: security
> Fix For: Future
>
>
> When authentication is enabled in drill, and using sqlline, there is no way
> to get the sqlline client to prompt for a password. The only option is to
> specify the password at the command line (-n user -p password) or to log in
> and then connect.
> This is a security risk, in that now the .bash_history contains the user's
> password, defeating accountability on the system. Hive and MYSQL both allow
> for a -p flag with no value to trigger a prompt for the password that is not
> logged by .bash_history.
> One work around is to connect after starting sqlline, however, if the sqlline
> command offers a way to specify the username/password, we should do it in a
> way that doesn't violate security principles.
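
An added example, not part of the original issue or of Apache Drill: a shell function that audits a history file for the pattern the issue describes (sqlline invoked with -n user -p password) and prints each match with the password redacted. The sample history lines, user names, passwords and the /opt/drill/bin path are constructed for illustration.

```shell
#!/bin/sh
# Report sqlline invocations in a shell history file that carry a password
# after -p. The password is redacted so the report does not leak it again.

audit_sqlline_history() {
    # $1: path to a history file (for example ~/.bash_history)
    awk '
    {
        hit = 0; is_sqlline = 0; out = ""
        for (i = 1; i <= NF; i++) {
            word = $i
            sep = (out == "" ? "" : " ")
            # Accept "sqlline" or any path ending in /sqlline as the command.
            if (word == "sqlline" || word ~ /\/sqlline$/) is_sqlline = 1
            # -p followed by a value that is not another option is a password.
            if (is_sqlline && word == "-p" && i < NF && $(i + 1) !~ /^-/) {
                out = out sep word " <redacted>"
                i++          # skip the password itself
                hit = 1
                continue
            }
            out = out sep word
        }
        if (hit) printf "%d: %s\n", NR, out
    }' "$1"
}

# Constructed sample history (not real data).
sample_history() {
    cat <<'EOF'
ls -l
sqlline -u %YOURURL% -n alice -p S3cretPw
sqlline -u %YOURURL% -n alice
mysql -u alice -p
/opt/drill/bin/sqlline -u %YOURURL% -n bob -p hunter2
EOF
}

# Demo run over the constructed sample.
tmp=$(mktemp) && sample_history > "$tmp" && audit_sqlline_history "$tmp"
rm -f "$tmp"
```

Only history lines 2 and 5 of the sample are reported; the mysql line uses -p with no value, which prompts instead of recording a password.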