  1. Spark
  2. SPARK-23850

We should not redact username|user|url from UI by default

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.2.1
    • Fix Version/s: 2.2.2, 2.3.1, 2.4.0
    • Component/s: Web UI
    • Labels:
      None

      Description

      SPARK-22479 was filed to not print the log jdbc credentials, but in there they also added the username and url to be redacted. I'm not sure why these were added, and to me by default these do not have security concerns. It makes it more usable by default to be able to see these things. Users with high security concerns can simply add them in their configs.

      Also, on yarn just redacting url doesn't secure anything, because if you go to the environment UI page you see all sorts of paths, and really it's just confusing that some of it is redacted and other parts aren't. If this was specifically for jdbc, I think it needs to be just applied there and not broadly.

      If we remove these we need to test what the jdbc driver is going to log from SPARK-22479.
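
The inconsistency described above, as an added example that is not part of the original issue or of Spark's code. It assumes redaction works by matching a regex against the property name only; both patterns, the mask text and the sample entries are constructed for illustration.

```python
import re

# Assumed patterns. BROAD contains the username|user|url terms named in the
# issue title; NARROW drops them. Neither is quoted from Spark's source.
BROAD = re.compile(r"(?i)secret|password|url|user|username")
NARROW = re.compile(r"(?i)secret|password")

MASK = "*********(redacted)"  # placeholder mask text

# Constructed environment-page entries (not from a real cluster). The
# example.jdbc.* keys are hypothetical; the rest are ordinary property names.
SAMPLE_ENV = [
    ("example.jdbc.url", "jdbc:postgresql://db.example.internal:5432/sales"),
    ("example.jdbc.password", "not-a-real-password"),
    ("user.name", "alice"),
    ("user.dir", "/data/yarn/local/usercache/alice/appcache/app_0001"),
    ("java.class.path", "/data/yarn/local/usercache/alice/appcache/app_0001/jars/*"),
    ("spark.eventLog.dir", "hdfs://nn.example.internal/user/alice/spark-logs"),
]


def redact(entries, key_pattern):
    """Mask a value when the pattern is found anywhere in its key name."""
    return [(k, MASK if key_pattern.search(k) else v) for k, v in entries]


def still_visible(entries, needle):
    """Keys whose displayed value still contains `needle` after redaction."""
    return [k for k, v in entries if needle in v]


if __name__ == "__main__":
    for label, pattern in (("broad", BROAD), ("narrow", NARROW)):
        shown = redact(SAMPLE_ENV, pattern)
        print(f"--- {label} pattern ---")
        for key, value in shown:
            print(f"{key:24} {value}")
        # With the broad pattern user.name is masked, yet the same user name
        # is still readable inside paths stored under keys that do not match.
        print("user name still visible under:", still_visible(shown, "alice"))
```

With the broad pattern the user name and the JDBC URL are masked, but the same user name remains readable in the class path and event log directory, while the narrow pattern masks only the credential.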

              People

              • Assignee: Marcelo Masiero Vanzin (vanzin)
              • Reporter: Thomas Graves (tgraves)
              • Votes: 0
              • Watchers: 4