Major Description
In verbose mode, beeline prints the password used in commandline to STDERR.
This is not a good security practice.
Issue is in BeeLine.java code -
if (url != null) { String com = "!connect " + url + " " + (user == null || user.length() == 0 ? "''" : user) + " " + (pass == null || pass.length() == 0 ? "''" : pass) + " " + (driver == null ? "" : driver); debug("issuing: " + com); dispatch(com); }