[jira] [Updated] (HIVE-9013) Hive set command exposes metastore db password
[ https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sushanth Sowmyan updated HIVE-9013: --- Attachment: HIVE-9013.5.patch-branch1 Attaching branch-1 version of patch. > Hive set command exposes metastore db password > -- > > Key: HIVE-9013 > URL: https://issues.apache.org/jira/browse/HIVE-9013 > Project: Hive > Issue Type: Bug >Affects Versions: 0.13.1 >Reporter: Binglin Chang >Assignee: Binglin Chang > Fix For: 2.0.0 > > Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch, > HIVE-9013.4.patch, HIVE-9013.5.patch, HIVE-9013.5.patch, > HIVE-9013.5.patch-branch1 > > > When auth is enabled, we still need set command to set some variables(e.g. > mapreduce.job.queuename), but set command alone also list all > information(including vars in restrict list), this exposes like > "javax.jdo.option.ConnectionPassword" > I think conf var in the restrict list should also excluded from dump vars > command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (HIVE-9013) Hive set command exposes metastore db password
[ https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sushanth Sowmyan updated HIVE-9013: --- Attachment: HIVE-9013.5.patch-branch1.2 Attaching branch-1.2 version of patch as well, committed there too. > Hive set command exposes metastore db password > -- > > Key: HIVE-9013 > URL: https://issues.apache.org/jira/browse/HIVE-9013 > Project: Hive > Issue Type: Bug >Affects Versions: 0.13.1 >Reporter: Binglin Chang >Assignee: Binglin Chang > Fix For: 1.3.0, 2.0.0, 1.2.2 > > Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch, > HIVE-9013.4.patch, HIVE-9013.5.patch, HIVE-9013.5.patch, > HIVE-9013.5.patch-branch1, HIVE-9013.5.patch-branch1.2 > > > When auth is enabled, we still need set command to set some variables(e.g. > mapreduce.job.queuename), but set command alone also list all > information(including vars in restrict list), this exposes like > "javax.jdo.option.ConnectionPassword" > I think conf var in the restrict list should also excluded from dump vars > command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (HIVE-9013) Hive set command exposes metastore db password
[ https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sushanth Sowmyan updated HIVE-9013: --- Fix Version/s: 1.3.0 > Hive set command exposes metastore db password > -- > > Key: HIVE-9013 > URL: https://issues.apache.org/jira/browse/HIVE-9013 > Project: Hive > Issue Type: Bug >Affects Versions: 0.13.1 >Reporter: Binglin Chang >Assignee: Binglin Chang > Fix For: 1.3.0, 2.0.0 > > Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch, > HIVE-9013.4.patch, HIVE-9013.5.patch, HIVE-9013.5.patch, > HIVE-9013.5.patch-branch1 > > > When auth is enabled, we still need set command to set some variables(e.g. > mapreduce.job.queuename), but set command alone also list all > information(including vars in restrict list), this exposes like > "javax.jdo.option.ConnectionPassword" > I think conf var in the restrict list should also excluded from dump vars > command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (HIVE-9013) Hive set command exposes metastore db password
[ https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Lefty Leverenz updated HIVE-9013: - Labels: TODOC1.2 TODOC1.3 (was: ) > Hive set command exposes metastore db password > -- > > Key: HIVE-9013 > URL: https://issues.apache.org/jira/browse/HIVE-9013 > Project: Hive > Issue Type: Bug >Affects Versions: 0.13.1 >Reporter: Binglin Chang >Assignee: Binglin Chang > Labels: TODOC1.2, TODOC1.3 > Fix For: 1.3.0, 2.0.0, 1.2.2 > > Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch, > HIVE-9013.4.patch, HIVE-9013.5.patch, HIVE-9013.5.patch, > HIVE-9013.5.patch-branch1, HIVE-9013.5.patch-branch1.2 > > > When auth is enabled, we still need set command to set some variables(e.g. > mapreduce.job.queuename), but set command alone also list all > information(including vars in restrict list), this exposes like > "javax.jdo.option.ConnectionPassword" > I think conf var in the restrict list should also excluded from dump vars > command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (HIVE-9013) Hive set command exposes metastore db password
[ https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Binglin Chang updated HIVE-9013: Attachment: HIVE-9013.5.patch Update patch, changes: # change list to map # change stripHivePasswordDetails to stripHiddenConfigurations # add 2 tests to cover changes in HiveConf and SetProcessor > Hive set command exposes metastore db password > -- > > Key: HIVE-9013 > URL: https://issues.apache.org/jira/browse/HIVE-9013 > Project: Hive > Issue Type: Bug >Affects Versions: 0.13.1 >Reporter: Binglin Chang >Assignee: Binglin Chang > Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch, > HIVE-9013.4.patch, HIVE-9013.5.patch > > > When auth is enabled, we still need set command to set some variables(e.g. > mapreduce.job.queuename), but set command alone also list all > information(including vars in restrict list), this exposes like > "javax.jdo.option.ConnectionPassword" > I think conf var in the restrict list should also excluded from dump vars > command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (HIVE-9013) Hive set command exposes metastore db password
[ https://issues.apache.org/jira/browse/HIVE-9013?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Thejas M Nair updated HIVE-9013: Attachment: HIVE-9013.5.patch Uploading HIVE-9013.5.patch again to kick off tests > Hive set command exposes metastore db password > -- > > Key: HIVE-9013 > URL: https://issues.apache.org/jira/browse/HIVE-9013 > Project: Hive > Issue Type: Bug >Affects Versions: 0.13.1 >Reporter: Binglin Chang >Assignee: Binglin Chang > Attachments: HIVE-9013.1.patch, HIVE-9013.2.patch, HIVE-9013.3.patch, > HIVE-9013.4.patch, HIVE-9013.5.patch, HIVE-9013.5.patch > > > When auth is enabled, we still need set command to set some variables(e.g. > mapreduce.job.queuename), but set command alone also list all > information(including vars in restrict list), this exposes like > "javax.jdo.option.ConnectionPassword" > I think conf var in the restrict list should also excluded from dump vars > command. -- This message was sent by Atlassian JIRA (v6.3.4#6332)