Details
-
Improvement
-
Status: Accepted
-
Major
-
Resolution: Unresolved
-
None
-
None
Description
Consider a following scenario. A user passes some sensitive data in an environment variable to a task. These data may be logged by Mesos components, e.g., executor as part of mesos-containerizer invocation. While this is useful for debugging, this might be an issue in some production environments.
One of the solution is to have global "sensitive mode", that turns off logging of such sensitive data.
Attachments
Issue Links
- is related to
-
MESOS-7421 Generally avoid leaking possibly sensitive data to logs.
- Open
-
MESOS-8413 Zookeeper configuration passwords are shown in clear text
- Resolved
- relates to
-
MESOS-8229 Make it possible to reliably inject environment variables into forked processes
- Open
- links to