Uploaded image for project: 'Accumulo'
  1. Accumulo
  2. ACCUMULO-2713

Instance secret written out with other configuration items to RFiles and WALogs when encryption is turned on

VotersWatch issueWatchers
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • 1.5.1
    • 1.6.0
    • None

    Description

      The encryption at rest feature records configuration information in order to encrypted RFiles and WALogs so that if the configuration changes, the files can be read back. The code that does this recording hovers up all the "instance.*" entries, and does not pick out the instance.secret as a special one not to write. Thus the instance secret goes into each file in the clear, which is non-ideal to say the least.

      Patch forthcoming.

      Attachments

        Activity

          People

            vines John Vines
            supermallen Michael Allen
            Votes:
            1 Vote for this issue
            Watchers:
            11 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment