[ACCUMULO-2713] Instance secret written out with other configuration items to RFiles and WALogs when encryption is turned on - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: 1.5.1
Fix Version/s: 1.6.0
Component/s: None
Labels:
- WAL
- encryption
- rfile

Description

The encryption at rest feature records configuration information in order to encrypted RFiles and WALogs so that if the configuration changes, the files can be read back. The code that does this recording hovers up all the "instance.*" entries, and does not pick out the instance.secret as a special one not to write. Thus the instance secret goes into each file in the clear, which is non-ideal to say the least.

Patch forthcoming.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

Dont-write-instance-secret-to-RFiles.patch
22/Apr/14 15:34
2 kB
Michael Allen

Activity

People

Assignee:: John Vines

Reporter:: Michael Allen

Votes:: 1 Vote for this issue

Watchers:: 10 Start watching this issue

Dates

Created:: 22/Apr/14 15:30

Updated:: 22/Apr/14 21:22

Resolved:: 22/Apr/14 21:22