[
https://issues.apache.org/jira/browse/ACCUMULO-2713?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13977456#comment-13977456
]
ASF subversion and git services commented on ACCUMULO-2713:
-----------------------------------------------------------
Commit fbbe472a304ac9dd25850f80de65479d3b19e3a6 in accumulo's branch
refs/heads/master from [~vines]
[ https://git-wip-us.apache.org/repos/asf?p=accumulo.git;h=fbbe472 ]
ACCUMULO-2713 checking for all sensitive and raw output stream for walogs
> Instance secret written out with other configuration items to RFiles and
> WALogs when encryption is turned on
> ------------------------------------------------------------------------------------------------------------
>
> Key: ACCUMULO-2713
> URL: https://issues.apache.org/jira/browse/ACCUMULO-2713
> Project: Accumulo
> Issue Type: Bug
> Affects Versions: 1.5.1
> Reporter: Michael Allen
> Assignee: John Vines
> Priority: Blocker
> Labels: WAL, encryption, rfile
> Fix For: 1.6.0
>
> Attachments: Dont-write-instance-secret-to-RFiles.patch
>
>
> The encryption at rest feature records configuration information in order to
> encrypted RFiles and WALogs so that if the configuration changes, the files
> can be read back. The code that does this recording hovers up all the
> "instance.*" entries, and does not pick out the instance.secret as a special
> one not to write. Thus the instance secret goes into each file in the clear,
> which is non-ideal to say the least.
> Patch forthcoming.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
