[
https://issues.apache.org/jira/browse/ACCUMULO-2938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14041227#comment-14041227
]
Josh Elser commented on ACCUMULO-2938:
--------------------------------------
That might be a nice middle ground. We could treat it like the audit log
configuration we have presently.
> Investigate logging on KeyExtent to ensure no data leakage
> ----------------------------------------------------------
>
> Key: ACCUMULO-2938
> URL: https://issues.apache.org/jira/browse/ACCUMULO-2938
> Project: Accumulo
> Issue Type: Bug
> Components: master, tserver
> Reporter: Josh Elser
>
> The KeyExtent class identifies a Tablet in Accumulo. Of interest to this
> issue, KeyExtent may contain the endRow of the Tablet and/or the endRow of
> the previous Tablet (or neither).
> If we log the extent, we have the potential to be leaking some data that
> might need to be protected (visibilities, encryption) to a medium only
> protected by filesystem restrictions.
> This may be difficult since the extent is included in things like MinC and
> MajC log messages and can be helpful when diagnosing problems on the system.
> Can we abstract away what might be potentially sensitive data in some way
> that we still provide useful data for debugging purposes?
--
This message was sent by Atlassian JIRA
(v6.2#6252)
