[ 
https://issues.apache.org/jira/browse/KAFKA-9601?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Chris Egerton updated KAFKA-9601:
---------------------------------
    Description: 
[This line right 
here|https://github.com/apache/kafka/blob/5359b2e3bc1cf13a301f32490a6630802afc4974/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/WorkerConnector.java#L78]
 logs all configs (key and value) for a connector, which is bad, since it can 
lead to secrets (db credentials, cloud storage credentials, etc.) being logged 
in plaintext.

We can remove this line. Or change it to just log config keys. Or try to do 
some super-fancy parsing that masks sensitive values. Well, hopefully not that. 
That sounds like a lot of work.

Affects all versions of Connect back through 0.10.1.

 

*If you are running a version of Connect that contains this vulnerability, 
you can set the log level of the* 
{{org.apache.kafka.connect.runtime.WorkerConnector}} *namespace to* {{INFO}} 
*or higher in your log4j properties file to prevent raw connector configs from 
being logged.*

  was:
[This line right 
here|https://github.com/apache/kafka/blob/5359b2e3bc1cf13a301f32490a6630802afc4974/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/WorkerConnector.java#L78]
 logs all configs (key and value) for a connector, which is bad, since it can 
lead to secrets (db credentials, cloud storage credentials, etc.) being logged 
in plaintext.

We can remove this line. Or change it to just log config keys. Or try to do 
some super-fancy parsing that masks sensitive values. Well, hopefully not that. 
That sounds like a lot of work.

Affects all versions of Connect back through 0.10.1.

 


> Workers log raw connector configs, including values
> ---------------------------------------------------
>
>                 Key: KAFKA-9601
>                 URL: https://issues.apache.org/jira/browse/KAFKA-9601
>             Project: Kafka
>          Issue Type: Bug
>          Components: KafkaConnect
>            Reporter: Chris Egerton
>            Assignee: Chris Egerton
>            Priority: Critical
>             Fix For: 1.0.3, 1.1.2, 2.0.2, 2.1.2, 2.2.3, 2.5.0, 2.3.2, 2.4.1
>
>
> [This line right 
> here|https://github.com/apache/kafka/blob/5359b2e3bc1cf13a301f32490a6630802afc4974/connect/runtime/src/main/java/org/apache/kafka/connect/runtime/WorkerConnector.java#L78]
>  logs all configs (key and value) for a connector, which is bad, since it can 
> lead to secrets (db credentials, cloud storage credentials, etc.) being 
> logged in plaintext.
> We can remove this line. Or change it to just log config keys. Or try to do 
> some super-fancy parsing that masks sensitive values. Well, hopefully not 
> that. That sounds like a lot of work.
> Affects all versions of Connect back through 0.10.1.
>  
> *If you are running a version of Connect that contains this vulnerability, 
> you can set the log level of the* 
> {{org.apache.kafka.connect.runtime.WorkerConnector}} *namespace to* {{INFO}} 
> *or higher in your log4j properties file to prevent raw connector configs 
> from being logged.*



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
