[ https://issues.apache.org/jira/browse/MESOS-7392?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15971749#comment-15971749 ]

Vishnu Mohan commented on MESOS-7392:
-------------------------------------

{code}
Fetched 'https://username:[email protected]/artifactory/libs-release-local/com/salesforceiq/graph-spark_2.11/0.0.7/graph-spark-fatjar.jar' to '/var/lib/mesos/slave/slaves/a5534cb6-89db-4a0a-af48-a1a8a9efa964-S8/frameworks/a5534cb6-89db-4a0a-af48-a1a8a9efa964-0007/executors/driver-20170417222104-0002/runs/028c75e8-647e-4cd6-9dd6-6e834e0fcebc/graph-spark-fatjar.jar'
{code}
Ref: https://dcos-community.slack.com/archives/C10DCMHK4/p1492467766855542?thread_ts=1492196251.988127&cid=C10DCMHK4

> Obfuscate authentication information logged by the fetcher 
> -----------------------------------------------------------
>
>                 Key: MESOS-7392
>                 URL: https://issues.apache.org/jira/browse/MESOS-7392
>             Project: Mesos
>          Issue Type: Improvement
>          Components: fetcher
>    Affects Versions: 1.0.3, 1.1.1, 1.2.0
>            Reporter: Vishnu Mohan
>
> As reported by Joseph Stevens on DC/OS Community Slack: 
> https://dcos-community.slack.com/archives/C10DCMHK4/p1492126723695465
> {code}
> So I've noticed that the Mesos Fetcher prints the URI it's using in plain 
> text to the stderr logs. This is a serious problem since if you're using 
> something like the mesos spark framework, it uses mesos fetcher under the 
> hood, and the only way to fetch authenticated resources is to pass the auth 
> as part of the URI. This means every time we start a job we're printing a 
> username and password into the task sandbox and consequently into anything 
> that picks up those logs from the agents. Could you guys change that so the 
> password is obfuscated on print when a URI has credentials inside it?
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
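
One way to mask URI credentials before a fetcher-style log line is written, as an added example that is not Mesos code and not the change made for this issue. The helper name `redactUserinfo` and the host `repo.example.com` are assumptions; the helper drops the whole userinfo component rather than only the password, so a token passed as the username is masked too.

```cpp
#include <iostream>
#include <string>

// Hypothetical helper (not a Mesos API): returns `uri` with any userinfo
// component replaced by "*****" so the result is safe to write to a log.
std::string redactUserinfo(const std::string& uri)
{
  // The authority component starts right after "scheme://".
  const std::string::size_type scheme = uri.find("://");
  if (scheme == std::string::npos) {
    return uri; // Local path or scheme-less value: no authority to redact.
  }
  const std::string::size_type begin = scheme + 3;

  // The authority ends at the first '/', '?' or '#' (RFC 3986, section 3.2),
  // so an '@' that appears later in the path or query is never touched.
  std::string::size_type end = uri.find_first_of("/?#", begin);
  if (end == std::string::npos) {
    end = uri.size();
  }

  // Use the last '@' inside the authority: a password containing an
  // unescaped '@' must not leak its tail into the log.
  const std::string::size_type at = uri.rfind('@', end - 1);
  if (end == begin || at == std::string::npos || at < begin) {
    return uri; // Empty authority or no credentials present.
  }

  return uri.substr(0, begin) + "*****" + uri.substr(at);
}

int main()
{
  // Constructed sample URI; repo.example.com is a placeholder host.
  const std::string uri =
    "https://username:password@repo.example.com/libs/graph-spark-fatjar.jar";
  std::cerr << "Fetching '" << redactUserinfo(uri) << "'" << std::endl;
  return 0;
}
```

Masking has to happen at every place the URI is formatted into a message (fetch start, success, and error paths), since each of them ends up in the task sandbox and in whatever collects agent logs.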
