Uploaded image for project: 'Accumulo'
  1. Accumulo
  2. ACCUMULO-2713

Instance secret written out with other configuration items to RFiles and WALogs when encryption is turned on

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.5.1
    • Fix Version/s: 1.6.0
    • Component/s: None
    • Labels:

      Description

      The encryption at rest feature records configuration information in order to encrypted RFiles and WALogs so that if the configuration changes, the files can be read back. The code that does this recording hovers up all the "instance.*" entries, and does not pick out the instance.secret as a special one not to write. Thus the instance secret goes into each file in the clear, which is non-ideal to say the least.

      Patch forthcoming.

        Attachments

          Activity

            People

            • Assignee:
              vines John Vines
              Reporter:
              supermallen Michael Allen
            • Votes:
              1 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: