Attila Bukor has posted comments on this change. ( http://gerrit.cloudera.org:8080/19873 )
Change subject: KUDU-3448 Move password retrieval to master init
......................................................................

Patch Set 4:

(2 comments)

http://gerrit.cloudera.org:8080/#/c/19873/3/src/kudu/master/catalog_manager.h
File src/kudu/master/catalog_manager.h:

http://gerrit.cloudera.org:8080/#/c/19873/3/src/kudu/master/catalog_manager.h@1400
PS3, Line 1400: // Password for the encrypted IPKI and TSK private keys stored in the
              : // sys-catalog table.
              : std::string ipki_private_key_password_;
              : std::string tsk_private_key_password_;
> Does it make sense to obfuscate/scramble these a bit, so at least these str

I thought about this, but I don't think it's a very good idea. It is possible to obfuscate the password, but it would still be very easy for an attacker to learn it from a core dump, especially as Kudu is open-source, so it's easy to learn what steps were made to scramble the password. For this reason, I believe scrambling a password would just give the user a false sense of security. We store other key materials in memory anyway.

http://gerrit.cloudera.org:8080/#/c/19873/3/src/kudu/master/master.cc
File src/kudu/master/master.cc:

http://gerrit.cloudera.org:8080/#/c/19873/3/src/kudu/master/master.cc@282
PS3, Line 282:
             : catalog_manager_->set_ipki_private_key_password(std::move(ipki_private_key_password));
             : catalog_manager_->set_tsk_private_key_password(tsk_private_key_password);
             :
             : cfile::BlockCache::GetSingleton()->StartInstrumentation(
             : metric_entity(), opts_.block_cache_metrics_policy());
             :
             : RETURN_NOT_OK(ThreadPoolBuilder("init").set_max_threads(1).Build(&init_pool_));
             : startup_path_handler_->set_is_tablet_server(false);
             : RETURN_NOT_OK(KuduServer::Init());
             :
             : if (web_server_) {
             :
> Does it make sense to move this into the very beginning of the Init() metho

Good point, thanks.
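
Review bot: in the master.cc lines quoted at PS3 line 282, the first setter is called with std::move(ipki_private_key_password) while the second is called with tsk_private_key_password and no std::move. If the local is not read again after this call, pass std::move(tsk_private_key_password) as well, so both passwords are handled the same way and an unnecessary copy of the TSK key password is avoided; if the copy is intentional, a short comment saying why would help.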
--
To view, visit http://gerrit.cloudera.org:8080/19873
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I746e657ae8d295f5f34225d63686beea1dff6b7c
Gerrit-Change-Number: 19873
Gerrit-PatchSet: 4
Gerrit-Owner: Attila Bukor <[email protected]>
Gerrit-Reviewer: Alexey Serbin <[email protected]>
Gerrit-Reviewer: Attila Bukor <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Marton Greber <[email protected]>
Gerrit-Reviewer: Zoltan Chovan <[email protected]>
Gerrit-Comment-Date: Tue, 30 May 2023 13:42:02 +0000
Gerrit-HasComments: Yes
