[ https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14975333#comment-14975333 ]
Lefty Leverenz commented on HIVE-9013: -------------------------------------- Doc note: This adds configuration parameter *hive.conf.hidden.list* to HiveConf.java, so it needs to be documented in the wiki for releases 1.2.2 and 1.3.0. * [Configuration Properties -- Restricted List and Whitelist | https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-RestrictedListandWhitelist] (might want a new section title) * [Configuration Properties -- hive.security.authorization.sqlstd.confwhitelist | https://cwiki.apache.org/confluence/display/Hive/Configuration+Properties#ConfigurationProperties-hive.security.authorization.sqlstd.confwhitelist] The whitelist description ends with this sentence: "Note that the hive.conf.restricted.list checks are still enforced after the white list check." Should *hive.conf.hidden.list* be added? > Hive set command exposes metastore db password > ---------------------------------------------- > > Key: HIVE-9013 > URL: https://issues.apache.org/jira/browse/HIVE-9013 > Project: Hive > Issue Type: Bug > Affects Versions: 0.13.1 > Reporter: Binglin Chang > Assignee: Binglin Chang > Labels: TODOC1.2, TODOC1.3 > Fix For: 1.3.0, 2.0.0, 1.2.2 > > Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch, > HIVE-9013.4.patch, HIVE-9013.5.patch, HIVE-9013.5.patch, > HIVE-9013.5.patch-branch1, HIVE-9013.5.patch-branch1.2 > > > When auth is enabled, we still need set command to set some variables(e.g. > mapreduce.job.queuename), but set command alone also list all > information(including vars in restrict list), this exposes like > "javax.jdo.option.ConnectionPassword" > I think conf var in the restrict list should also excluded from dump vars > command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)