Details
-
Improvement
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
None
-
None
Description
I was thinking to add small improvement to Flink. I want to add feature that will hide value for key containing phrase "password". I want to this only when value is logged to log file.
I want to this because of security reason, if someone need to monitor log file then value from password key will be visible in that monitoring.
I want to change class "GlobalConfiguration" and "SecurityOptions"
In class "GlobalConfiguration" change line
LOG.info("Loading configuration property: {}, {}", key, value);
and add code that will check that if key contain phrase "password" than value will be changed to for example "*******".
The change of value i want to make when new key in class "SecurityOptions" will be set to true. This new key will identifies than password should be shadowed/hidden.
What you thing about that improvement?
This improvement is similar to FLINK-8793 for REST component.
Attachments
Issue Links
- is duplicated by
-
FLINK-9111 SSL Passwords written to log file in plain text
-
- Closed
-
- is related to
-
-
- Closed
-
- links to
