Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/20645
Change subject: [fs] add redaction attribute for server key and its IV ...................................................................... [fs] add redaction attribute for server key and its IV I noticed that the contents of the 'server_key' and 'server_key_iv' fields of InstanceMetadataPB are printed in the logs when FSManager opens the server's FS directory structure. Even if the server key is encrypted with the master key, I think it's safer to redact those in the logs since logs might be distributed among quite wide audience. This fact inadvertently raises questions and concerns, even if those aren't substantiated by any practical exploit scenario. Also, I could not justify printing such information in the logs from the perspective of troubleshooting in various scenarios, so it seemed quite natural to redact those fields. This change doesn't introduce any incompatibility with prior versions since the redaction flag is a Kudu-specific attribute that only controls the way how the contents of a fields is output by utilities like SecureDebugString(), etc. Change-Id: Ib2c896f23ef743ef440cf25829126e53b8976b0a --- M src/kudu/fs/fs.proto 1 file changed, 4 insertions(+), 4 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/45/20645/1 -- To view, visit http://gerrit.cloudera.org:8080/20645 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: Ib2c896f23ef743ef440cf25829126e53b8976b0a Gerrit-Change-Number: 20645 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <[email protected]>
