[
https://issues.apache.org/jira/browse/MESOS-7292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16074870#comment-16074870
]
Martin Tapp commented on MESOS-7292:
------------------------------------
Please make the POSSIBLY-SENSITIVE-DATA optional as noted in the code as we
can't identify anonymous tasks using ENV vars
(https://github.com/apache/mesos/blob/master/src/launcher/executor.cpp#L470).
Thanks
> Introduce a "sensitive mode" in Mesos which prevents leaks of sensitive data.
> -----------------------------------------------------------------------------
>
> Key: MESOS-7292
> URL: https://issues.apache.org/jira/browse/MESOS-7292
> Project: Mesos
> Issue Type: Improvement
> Components: security
> Reporter: Alexander Rukletsov
> Labels: mesosphere, security
>
> Consider a following scenario. A user passes some sensitive data in an
> environment variable to a task. These data may be logged by Mesos components,
> e.g., executor as part of {{mesos-containerizer}} invocation. While this is
> useful for debugging, this might be an issue in some production environments.
> One of the solution is to have global "sensitive mode", that turns off
> logging of such sensitive data.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
