[
https://issues.apache.org/jira/browse/ACCUMULO-2938?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14041357#comment-14041357
]
Christopher Tubbs commented on ACCUMULO-2938:
---------------------------------------------
Despite this issue being labeled critical, I don't see any version information
here, as to which versions are affected, or which ones are targeted for fixing.
As for whether or not it should be considered critical, I just want to point
out that logs should always be assumed to contain sensitive data, and be
protected accordingly. So, I'm not sure this warrants being critical, but
certainly it's a good idea.
> Investigate logging on KeyExtent to ensure no data leakage
> ----------------------------------------------------------
>
> Key: ACCUMULO-2938
> URL: https://issues.apache.org/jira/browse/ACCUMULO-2938
> Project: Accumulo
> Issue Type: Bug
> Components: master, tserver
> Reporter: Josh Elser
> Priority: Critical
>
> The KeyExtent class identifies a Tablet in Accumulo. Of interest to this
> issue, KeyExtent may contain the endRow of the Tablet and/or the endRow of
> the previous Tablet (or neither).
> If we log the extent, we have the potential to be leaking some data that
> might need to be protected (visibilities, encryption) to a medium only
> protected by filesystem restrictions.
> This may be difficult since the extent is included in things like MinC and
> MajC log messages and can be helpful when diagnosing problems on the system.
> Can we abstract away what might be potentially sensitive data in some way
> that we still provide useful data for debugging purposes?
--
This message was sent by Atlassian JIRA
(v6.2#6252)
