Alexey Serbin has uploaded this change for review. (
http://gerrit.cloudera.org:8080/17679
Change subject: [webserver] make a few flags as sensitive
......................................................................
[webserver] make a few flags as sensitive
This patch marks a few flags of the embedded webserver as 'sensitive',
forcing the redaction of their values while logging those in the logfile
or showing them in the UI served by the embedded webserver. Yes, that's
rather "security by obscurity" practice, but it could help in preventing
unintentional leaks in the absence of proper FS access restrictions
and in avoiding false-positives reported by various automated security
scanners.
* --webserver_private_key_file
this file may contain a private key file in non-encrypted form
* --webserver_private_key_password_cmd
the value of this flag may contain a password for the private key
file in a plain form or other sensitive info provided as arguments
for the command
* --webserver_password_file
this file contains user names and encrypted/hashed passwords
Change-Id: I187c6e8118a3e118299da1e3f7321f48c5eb9e05
---
M src/kudu/server/webserver_options.cc
1 file changed, 33 insertions(+), 22 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/79/17679/1
--
To view, visit http://gerrit.cloudera.org:8080/17679
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I187c6e8118a3e118299da1e3f7321f48c5eb9e05
Gerrit-Change-Number: 17679
Gerrit-PatchSet: 1
Gerrit-Owner: Alexey Serbin <[email protected]>
