[jira] [Updated] (SPARK-12504) JDBC data source credentials are not masked in the data frame explain output.

Wed, 25 May 2016 20:18:54 -0700 

     [ 
https://issues.apache.org/jira/browse/SPARK-12504?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sean Owen updated SPARK-12504:
------------------------------
    Assignee: Suresh Thalamati  (was: Apache Spark)

> JDBC data source credentials are not masked in the data frame explain output.
> -----------------------------------------------------------------------------
>
>                 Key: SPARK-12504
>                 URL: https://issues.apache.org/jira/browse/SPARK-12504
>             Project: Spark
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 2.0.0
>            Reporter: Suresh Thalamati
>            Assignee: Suresh Thalamati
>             Fix For: 2.0.0
>
>
> Currently JDBC data source credentials are not masked in the explain output. 
> This can lead to accidental leakage of credentials into logs, and UI   
> SPARK -11206 added support for showing the SQL plan details in the History 
> server. After this change query plans are also written to the event logs in 
> the disk when event log is enabled, in this case credential will leak into 
> the event logs that can be accessed by file systems admins.
> Repro :
> {code}
> val empdf = sqlContext.read.jdbc("jdbc:postgresql://localhost:5432/mydb", 
> "spark_emp", psqlProps)
> empdf.explain(true)
> {code}
> Plan output with credentials :
> {code}
> == Parsed Logical Plan == +details
> == Parsed Logical Plan ==
> Limit 21
> +- Relation[id#4,name#5] 
> JDBCRelation(jdbc:postgresql://localhost:5432/mydb,spark_emp,[Lorg.apache.spark.Partition;@3ff74546,{user=dbuser,
>  password=pwdata})
> == Analyzed Logical Plan ==
> id: int, name: string
> Limit 21
> +- Relation[id#4,name#5] 
> JDBCRelation(jdbc:postgresql://localhost:5432/mydb,spark_emp,[Lorg.apache.spark.Partition;@3ff74546,{user=dbuser,
>  password=pwdata})
> == Optimized Logical Plan ==
> Limit 21
> +- Relation[id#4,name#5] 
> JDBCRelation(jdbc:postgresql://localhost:5432/mydb,spark_emp,[Lorg.apache.spark.Partition;@3ff74546,{user=dbuser,
>  password=pwdata})
> == Physical Plan ==
> Limit 21
> +- Scan 
> JDBCRelation(jdbc:postgresql://localhost:5432/mydb,spark_emp,[Lorg.apache.spark.Partition;@3ff74546,{user=dbuser,
>  password=pwdata}) PushedFilter: [] [id#4,name#5]
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to