Volodymyr Tkach created DRILL-6189: -------------------------------------- Summary: Security: passwords logging and file permisions Key: DRILL-6189 URL: https://issues.apache.org/jira/browse/DRILL-6189 Project: Apache Drill Issue Type: Bug Reporter: Volodymyr Tkach Assignee: Volodymyr Tkach
*Prerequisites:* *1.* Log level is set to "all" in the conf/logback.xml: {code:xml} <logger name="org.apache.drill" additivity="false"> <level value="all" /> <appender-ref ref="FILE" /> </logger> {code} *2.* PLAIN authentication mechanism is configured: {code:java} security.user.auth: { enabled: true, packages += "org.apache.drill.exec.rpc.user.security", impl: "pam", pam_profiles: [ "sudo", "login" ] } {code} *Steps:* *1.* Start the drillbits *2.* Connect by sqlline: {noformat} /opt/mapr/drill/drill-1.13.0/bin/sqlline -u "jdbc:drill:zk=node1:5181;" -n user1 -p 1111 {noformat} *Expected result:* Logs shouldn't contain clear-text passwords *Actual results:* During the drillbit startup or establishing connections via the jdbc or odbc, the following lines appear in the drillbit.log: {noformat} properties { key: "password" value: "1111" } {noformat} Same thing happens with storage configuration data, everything, including passwords is being logged to file. *Another issue:* Currently Drill config files has the permissions 0644: {noformat} -rw-r--r--. 1 mapr mapr 1081 Nov 16 14:42 core-site-example.xml -rwxr-xr-x. 1 mapr mapr 1807 Dec 19 11:55 distrib-env.sh -rw-r--r--. 1 mapr mapr 1424 Nov 16 14:42 distrib-env.sh.prejmx -rw-r--r--. 1 mapr mapr 1942 Nov 16 14:42 drill-am-log.xml -rw-r--r--. 1 mapr mapr 1279 Dec 19 11:55 drill-distrib.conf -rw-r--r--. 1 mapr mapr 117 Nov 16 14:50 drill-distrib-mem-qs.conf -rw-r--r--. 1 mapr mapr 6016 Nov 16 14:42 drill-env.sh -rw-r--r--. 1 mapr mapr 1855 Nov 16 14:50 drill-on-yarn.conf -rw-r--r--. 1 mapr mapr 6913 Nov 16 14:42 drill-on-yarn-example.conf -rw-r--r--. 1 mapr mapr 1135 Dec 19 11:55 drill-override.conf -rw-r--r--. 1 mapr mapr 7820 Nov 16 14:42 drill-override-example.conf -rw-r--r--. 1 mapr mapr 3136 Nov 16 14:42 logback.xml -rw-r--r--. 1 mapr mapr 668 Nov 16 14:51 warden.drill-bits.conf -rw-r--r--. 1 mapr mapr 1581 Nov 16 14:42 yarn-client-log.xml {noformat} As they may contain some sensitive information, like passwords or secret keys, they cannot be viewable to everyone. So I suggest to reduce the permissions at least to 0640. -- This message was sent by Atlassian JIRA (v7.6.3#76005)