[
https://issues.apache.org/jira/browse/IGNITE-13929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sergey Uttsel updated IGNITE-13929:
-----------------------------------
Description:
Right now, by default, node prints entries in logs of PME and long running
operations. It’s not secure, because it disclose sensitive data. However
printing of entries might help with certain issues such as deadlock. So we can
print hash of entries in log.
*Summary of the changes:*
1. IGNITE_TO_STRING_INCLUDE_SENSITIVE is deprecated
2. IGNITE_SENSITIVE_DATA_LOGGING is a new system property with three possible
values:
"plain" - print as is
"hash" - print hash (primitives are printed as is)
"none" - don’t print anything
3. "hash" is default value
4. If a node starts with explicit IGNITE_TO_STRING_INCLUDE_SENSITIVE the value
converts to IGNITE_SENSITIVE_DATA_LOGGING:
true -> plain
false -> none
was:
Right now, by default, node prints entries in logs of PME and long running
operations. It’s not secure, because it disclose sensitive data. However
printing of entries might help with certain issues such as deadlock. So we can
print hash of entries in log.
*Summary of the changes:*
1. IGNITE_TO_STRING_INCLUDE_SENSITIVE is deprecated
2. IGNITE_SENSITIVE_DATA_LOGGING is a new system property with three possible
values:
"plain" - print as is
"hash" - print hash (primitives are printed as is)
"none" - don’t print anything
3. "hash" is default value
4. If a node starts with explicit IGNITE_TO_STRING_INCLUDE_SENSITIVE the value
converts to IGNITE_SENSITIVE_DATA_LOGGING:
true -> plain
false -> none
> Don't print sensitive information in logs by default
> ----------------------------------------------------
>
> Key: IGNITE-13929
> URL: https://issues.apache.org/jira/browse/IGNITE-13929
> Project: Ignite
> Issue Type: Improvement
> Reporter: Sergey Uttsel
> Assignee: Sergey Uttsel
> Priority: Major
>
> Right now, by default, node prints entries in logs of PME and long running
> operations. It’s not secure, because it disclose sensitive data. However
> printing of entries might help with certain issues such as deadlock. So we
> can print hash of entries in log.
>
> *Summary of the changes:*
> 1. IGNITE_TO_STRING_INCLUDE_SENSITIVE is deprecated
> 2. IGNITE_SENSITIVE_DATA_LOGGING is a new system property with three
> possible values:
> "plain" - print as is
> "hash" - print hash (primitives are printed as is)
> "none" - don’t print anything
> 3. "hash" is default value
> 4. If a node starts with explicit IGNITE_TO_STRING_INCLUDE_SENSITIVE the
> value converts to IGNITE_SENSITIVE_DATA_LOGGING:
> true -> plain
> false -> none
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
