Uploaded image for project: 'Kudu'
  1. Kudu
  2. KUDU-1844

/varz should not expose potentially sensitive configs

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.3.0
    • Fix Version/s: 1.3.0
    • Component/s: security, util
    • Labels:

      Description

      Currently /varz dumps all configuration flags. As we add security support, it's possible some flags may be sensitive such that we wouldn't want to expose them via the web UI. Let's add a new FLAG_TAG(sensitive) which would make /varz redact that flag.

        Attachments

          Activity

            People

            • Assignee:
              hahao Hao Hao
              Reporter:
              tlipcon Todd Lipcon
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: