Hi Jarec,
I have added a patch for the Aqoop Jira
SQOOP-2801<https://issues.apache.org/jira/browse/SQOOP-2801> : Secure RDBMS
password in Sqoop Metastore in a encrypted form.The review link is
https://reviews.apache.org/r/42714/
Description of the work done here :
Currently Sqoop store password in the sqoop metastore in the form of plain
text.While running command, sqoop job --show <job_name> , password becomes
visible as plain text.Also anyone can see the password in metastore db since it
is visible in a plain text.In order to provide more security, CryptoFileLoader
class is extended to store password in metastore in encrypted form.Sqoop will
decrypt the password during exec job.In case of show job , the password will be
visible as encrypted manner.User can pass any algorithm and passphrase to
encrypt the password in a similar way as it happens in case of storing password
in the File.
We are using sqoop in our project and to save password in Sqoop meta store in a
secured manner , we added the above changes.If you get a chance , please review
the same.
Thanks,
Shashank Tandon
