Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-6189

Security: passwords logging and file permisions

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.12.0
    • 1.13.0
    • None

    Description

      Prerequisites:
      1. Log level is set to "all" in the conf/logback.xml:

      <logger name="org.apache.drill" additivity="false">
    <level value="all" />
    <appender-ref ref="FILE" />
</logger>

      2. PLAIN authentication mechanism is configured:

        security.user.auth: {
	enabled: true,
	packages += "org.apache.drill.exec.rpc.user.security",
	impl: "pam",
	pam_profiles: [ "sudo", "login" ]
  }

      Steps:
      1. Start the drillbits
      2. Connect by sqlline:

      /opt/mapr/drill/drill-1.13.0/bin/sqlline -u "jdbc:drill:zk=node1:5181;" -n user1 -p 1111

      Expected result: Logs shouldn't contain clear-text passwords

      Actual results: During the drillbit startup or establishing connections via the jdbc or odbc, the following lines appear in the drillbit.log:

      properties {
    key: "password"
    value: "1111"
}

      Same thing happens with storage configuration data, everything, including passwords is being logged to file.

      Another issue:

      Currently Drill config files has the permissions 0644:

      -rw-r--r--. 1 mapr mapr 1081 Nov 16 14:42 core-site-example.xml
-rwxr-xr-x. 1 mapr mapr 1807 Dec 19 11:55 distrib-env.sh
-rw-r--r--. 1 mapr mapr 1424 Nov 16 14:42 distrib-env.sh.prejmx
-rw-r--r--. 1 mapr mapr 1942 Nov 16 14:42 drill-am-log.xml
-rw-r--r--. 1 mapr mapr 1279 Dec 19 11:55 drill-distrib.conf
-rw-r--r--. 1 mapr mapr  117 Nov 16 14:50 drill-distrib-mem-qs.conf
-rw-r--r--. 1 mapr mapr 6016 Nov 16 14:42 drill-env.sh
-rw-r--r--. 1 mapr mapr 1855 Nov 16 14:50 drill-on-yarn.conf
-rw-r--r--. 1 mapr mapr 6913 Nov 16 14:42 drill-on-yarn-example.conf
-rw-r--r--. 1 mapr mapr 1135 Dec 19 11:55 drill-override.conf
-rw-r--r--. 1 mapr mapr 7820 Nov 16 14:42 drill-override-example.conf
-rw-r--r--. 1 mapr mapr 3136 Nov 16 14:42 logback.xml
-rw-r--r--. 1 mapr mapr  668 Nov 16 14:51 warden.drill-bits.conf
-rw-r--r--. 1 mapr mapr 1581 Nov 16 14:42 yarn-client-log.xml

      As they may contain some sensitive information, like passwords or secret keys, they cannot be viewable to everyone. So I suggest to reduce the permissions at least to 0640.

       

       

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. DRILL-6250 Sqlline start command with password appears in the sqlline.log

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #1139

          Activity

            People

              volodymyr.tkach Volodymyr Tkach
              volodymyr.tkach Volodymyr Tkach
              Arina Ielchiieva Arina Ielchiieva
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: