[
https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14971950#comment-14971950
]
Sushanth Sowmyan commented on HIVE-9013:
----------------------------------------
Hi [~decster], thanks for the update and the patch.
I'd ask for one last update if you don't mind (or we can do that as a separate
patch):
It's better to have HiveConf.stripHiddenConfigurations(Configuration conf) as
you have introduced to be static, I think. That way, it avoids one notion of
confusion later on in the code (as in your patch) where we have to call it like
this:
{code}
conf.stripHiddenConfigurations(job);
{code}
In that scenario, it becomes unclear if we're stripping it from conf, or from
job, and the truth of the matter is that we're stripping it from job. If we
made that call static, we can call HiveConf.stripHiddenConfigurations(job),
which would be much clearer.
I think, with that, I'm +1 on this. Thanks for adding in tests. Normally, for
ql changes, such as with set behaviour, we make changes to .q files, which is
easier to develop, but having a proper junit test as you have done is good too.
:)
> Hive set command exposes metastore db password
> ----------------------------------------------
>
> Key: HIVE-9013
> URL: https://issues.apache.org/jira/browse/HIVE-9013
> Project: Hive
> Issue Type: Bug
> Affects Versions: 0.13.1
> Reporter: Binglin Chang
> Assignee: Binglin Chang
> Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch,
> HIVE-9013.4.patch, HIVE-9013.5.patch
>
>
> When auth is enabled, we still need set command to set some variables(e.g.
> mapreduce.job.queuename), but set command alone also list all
> information(including vars in restrict list), this exposes like
> "javax.jdo.option.ConnectionPassword"
> I think conf var in the restrict list should also excluded from dump vars
> command.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
