[jira] [Commented] (HIVE-12282) beeline - update command printing in verbose mode
[ https://issues.apache.org/jira/browse/HIVE-12282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14977840#comment-14977840 ] Lefty Leverenz commented on HIVE-12282: --- Quite right, [~thejas], two instances of "passwd striped" should be "passwd stripped" -- if you ever get tired of coding, there's a bright future for you in tech writing. (wink) > beeline - update command printing in verbose mode > - > > Key: HIVE-12282 > URL: https://issues.apache.org/jira/browse/HIVE-12282 > Project: Hive > Issue Type: Bug > Components: Beeline >Reporter: Daniel Dai >Assignee: Daniel Dai > Fix For: 2.0.0 > > Attachments: HIVE-12282.1.patch > > > In verbose mode, beeline prints the password used in commandline to STDERR. > This is not a good security practice. > Issue is in BeeLine.java code - > {code} > if (url != null) { > String com = "!connect " > + url + " " > + (user == null || user.length() == 0 ? "''" : user) + " " > + (pass == null || pass.length() == 0 ? "''" : pass) + " " > + (driver == null ? "" : driver); > debug("issuing: " + com); > dispatch(com); > } > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-12282) beeline - update command printing in verbose mode
[ https://issues.apache.org/jira/browse/HIVE-12282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14978869#comment-14978869 ] Thejas M Nair commented on HIVE-12282: -- +1 > beeline - update command printing in verbose mode > - > > Key: HIVE-12282 > URL: https://issues.apache.org/jira/browse/HIVE-12282 > Project: Hive > Issue Type: Bug > Components: Beeline >Reporter: Daniel Dai >Assignee: Daniel Dai > Fix For: 2.0.0 > > Attachments: HIVE-12282.1.patch, HIVE-12282.2.patch > > > In verbose mode, beeline prints the password used in commandline to STDERR. > This is not a good security practice. > Issue is in BeeLine.java code - > {code} > if (url != null) { > String com = "!connect " > + url + " " > + (user == null || user.length() == 0 ? "''" : user) + " " > + (pass == null || pass.length() == 0 ? "''" : pass) + " " > + (driver == null ? "" : driver); > debug("issuing: " + com); > dispatch(com); > } > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-12282) beeline - update command printing in verbose mode
[ https://issues.apache.org/jira/browse/HIVE-12282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14979675#comment-14979675 ] Lefty Leverenz commented on HIVE-12282: --- +1 for the typo fix > beeline - update command printing in verbose mode > - > > Key: HIVE-12282 > URL: https://issues.apache.org/jira/browse/HIVE-12282 > Project: Hive > Issue Type: Bug > Components: Beeline >Reporter: Daniel Dai >Assignee: Daniel Dai > Fix For: 2.0.0 > > Attachments: HIVE-12282.1.patch, HIVE-12282.2.patch > > > In verbose mode, beeline prints the password used in commandline to STDERR. > This is not a good security practice. > Issue is in BeeLine.java code - > {code} > if (url != null) { > String com = "!connect " > + url + " " > + (user == null || user.length() == 0 ? "''" : user) + " " > + (pass == null || pass.length() == 0 ? "''" : pass) + " " > + (driver == null ? "" : driver); > debug("issuing: " + com); > dispatch(com); > } > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-12282) beeline - update command printing in verbose mode
[ https://issues.apache.org/jira/browse/HIVE-12282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14979674#comment-14979674 ] Hive QA commented on HIVE-12282: Here are the results of testing the latest attachment: https://issues.apache.org/jira/secure/attachment/12769338/HIVE-12282.2.patch {color:green}SUCCESS:{color} +1 due to 1 test(s) being added or modified. {color:red}ERROR:{color} -1 due to 4 failed/errored test(s), 9716 tests executed *Failed tests:* {noformat} TestHS2AuthzSessionContext - did not produce a TEST-*.xml file TestMiniTezCliDriver-vectorization_16.q-mapjoin_mapjoin.q-groupby2.q-and-12-more - did not produce a TEST-*.xml file org.apache.hadoop.hive.hwi.TestHWISessionManager.testHiveDriver org.apache.hive.jdbc.TestSSL.testSSLVersion {noformat} Test results: http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/5836/testReport Console output: http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/5836/console Test logs: http://ec2-174-129-184-35.compute-1.amazonaws.com/logs/PreCommit-HIVE-TRUNK-Build-5836/ Messages: {noformat} Executing org.apache.hive.ptest.execution.TestCheckPhase Executing org.apache.hive.ptest.execution.PrepPhase Executing org.apache.hive.ptest.execution.ExecutionPhase Executing org.apache.hive.ptest.execution.ReportingPhase Tests exited with: TestsFailedException: 4 tests failed {noformat} This message is automatically generated. ATTACHMENT ID: 12769338 - PreCommit-HIVE-TRUNK-Build > beeline - update command printing in verbose mode > - > > Key: HIVE-12282 > URL: https://issues.apache.org/jira/browse/HIVE-12282 > Project: Hive > Issue Type: Bug > Components: Beeline >Reporter: Daniel Dai >Assignee: Daniel Dai > Fix For: 2.0.0 > > Attachments: HIVE-12282.1.patch, HIVE-12282.2.patch > > > In verbose mode, beeline prints the password used in commandline to STDERR. > This is not a good security practice. > Issue is in BeeLine.java code - > {code} > if (url != null) { > String com = "!connect " > + url + " " > + (user == null || user.length() == 0 ? "''" : user) + " " > + (pass == null || pass.length() == 0 ? "''" : pass) + " " > + (driver == null ? "" : driver); > debug("issuing: " + com); > dispatch(com); > } > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-12282) beeline - update command printing in verbose mode
[ https://issues.apache.org/jira/browse/HIVE-12282?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=1493#comment-1493 ] Thejas M Nair commented on HIVE-12282: -- Looks great, thanks for adding the test. However, I think "stripped" (instead of "striped") is the right word here . cc [~leftylev] While you are at it, how about using a package private 'final string' for the "[passwd striped]" string so that it can be referenced from the test case. (Just so that a change in string does not break the test). > beeline - update command printing in verbose mode > - > > Key: HIVE-12282 > URL: https://issues.apache.org/jira/browse/HIVE-12282 > Project: Hive > Issue Type: Bug > Components: Beeline >Reporter: Daniel Dai >Assignee: Daniel Dai > Fix For: 2.0.0 > > Attachments: HIVE-12282.1.patch > > > In verbose mode, beeline prints the password used in commandline to STDERR. > This is not a good security practice. > Issue is in BeeLine.java code - > {code} > if (url != null) { > String com = "!connect " > + url + " " > + (user == null || user.length() == 0 ? "''" : user) + " " > + (pass == null || pass.length() == 0 ? "''" : pass) + " " > + (driver == null ? "" : driver); > debug("issuing: " + com); > dispatch(com); > } > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)