[jira] [Updated] (SPARK-35576) Redact the sensitive info in the result of Set command

Mon, 31 May 2021 14:58:06 -0700 


     [ 
https://issues.apache.org/jira/browse/SPARK-35576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dongjoon Hyun updated SPARK-35576:
----------------------------------
    Affects Version/s: 2.2.3

> Redact the sensitive info in the result of Set command
> ------------------------------------------------------
>
>                 Key: SPARK-35576
>                 URL: https://issues.apache.org/jira/browse/SPARK-35576
>             Project: Spark
>          Issue Type: Bug
>          Components: Security, SQL
>    Affects Versions: 2.2.3, 2.3.4, 2.4.8, 3.0.2, 3.1.2, 3.2.0
>            Reporter: Gengliang Wang
>            Assignee: Gengliang Wang
>            Priority: Major
>
> Currently, the results of following SQL queries are not redacted:
> ```
> SET [KEY];
> SET;
> ```
> For example:
> {code:java}
> scala> spark.sql("set javax.jdo.option.ConnectionPassword=123456").show()
> +--------------------+------+
> |                 key| value|
> +--------------------+------+
> |javax.jdo.option....|123456|
> +--------------------+------+
> scala> spark.sql("set javax.jdo.option.ConnectionPassword").show()
> +--------------------+------+
> |                 key| value|
> +--------------------+------+
> |javax.jdo.option....|123456|
> +--------------------+------+
> scala> spark.sql("set").show()
> +--------------------+--------------------+
> |                 key|               value|
> +--------------------+--------------------+
> |javax.jdo.option....|              123456|
> {code}
> We should hide the sensitive information and redact the query output.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@spark.apache.org
For additional commands, e-mail: issues-h...@spark.apache.org

Reply via email to