[
https://issues.apache.org/jira/browse/KUDU-1812?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Todd Lipcon resolved KUDU-1812.
-------------------------------
Resolution: Fixed
Assignee: Dan Burkert
Fix Version/s: 1.2.0
Fixed in a series of commits by Dan (primarily) with help from me and JD:
a68779b KUDU-1812: don't log user data in the Java client
9efb2f8 KUDU-1812. Fix printed default of redaction flag for tools
a5a33b3 KUDU-1812. Redact calls to Slice::ToDebugString
47f09e3 KUDU-1812: redact HexDump output
c097515 KUDU-1812. Replace PB DebugString calls with redactable variants
f3447a1 KUDU-1812. address comments on 1179bbdb
cef7b10 KUDU-1812. Redaction support for protobufs
1179bbd KUDU-1812. Redact pretty-printed sensitive user data
> Redact user data that gets logged
> ---------------------------------
>
> Key: KUDU-1812
> URL: https://issues.apache.org/jira/browse/KUDU-1812
> Project: Kudu
> Issue Type: Improvement
> Reporter: Jean-Daniel Cryans
> Assignee: Dan Burkert
> Priority: Critical
> Fix For: 1.2.0
>
>
> There are many instances in the code base where we log user data and there is
> a class of users that do not want this behavior. As an example, we might be
> debugging an issue on the mailing list and the user has to scrub the logs
> they share by hand because they don't want it to leak.
> On the server-side, we should replace all those instances with some string
> like "redacted" and add a process flag to enable the logging of user data.
> On the client-side, it gets a bit more tricky. We can't use such flags so we
> need to strike a balance between removing unnecessary logging of user
> information and still keep the software usable.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
