Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-6250

Sqlline start command with password appears in the sqlline.log

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.13.0
    • 1.14.0
    • None

    Description

      Prerequisites:
      1. Log level is set to "all" in the conf/logback.xml:

      <logger name="org.apache.drill" additivity="false">
          <level value="all" />
          <appender-ref ref="FILE" />
      </logger>
      

      2. PLAIN authentication mechanism is configured:

        security.user.auth: {
      	enabled: true,
      	packages += "org.apache.drill.exec.rpc.user.security",
      	impl: "pam",
      	pam_profiles: [ "sudo", "login" ]
        }
      

      Steps:
      1. Start the drillbits
      2. Connect by sqlline:

      /opt/mapr/drill/drill-1.13.0/bin/sqlline -u "jdbc:drill:zk=node1:5181;" -n user1 -p 1234
      

      3. Use check the sqlline logs:

      tail -F log/sqlline.log|grep 1234 -a5 -b5
      

      Expected result: Logs shouldn't contain clear-text passwords

      Actual result: The logs contain the sqlline start command with password:

      # system properties
      35333-        "java" : {
      35352-            # system properties
      35384:            "command" : "sqlline.SqlLine -d org.apache.drill.jdbc.Driver --maxWidth=10000 --color=true -u jdbc:drill:zk=node1:5181; -n user1 -p 1234",
      35535-            # system properties
      35567-            "launcher" : "SUN_STANDARD"
      35607-        }
      

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            volodymyr.tkach Volodymyr Tkach
            angozhiy Anton Gozhiy
            Arina Ielchiieva Arina Ielchiieva
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment