Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-33504

The application log in the Spark history server contains sensitive attributes such as password that should be redated instead of plain text

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.1
    • Fix Version/s: 3.0.3, 3.1.0
    • Component/s: Spark Core
    • Labels:
      None
    • Environment:

      Spark 3.0.1

      Description

      We found the secure attributes in SparkListenerJobStart and SparkListenerStageSubmitted events would not been redated, resulting in sensitive attributes can be viewd directly.

        Attachments

        1. SparkListenerEnvironmentUpdate log shows ok.png
          46 kB
          akiyamaneko
        2. SparkListenerStageSubmitted-log-wrong.png
          62 kB
          akiyamaneko
        3. SparkListernerJobStart-wrong.png
          64 kB
          akiyamaneko

          Activity

            People

            • Assignee:
              echohlne akiyamaneko
              Reporter:
              echohlne akiyamaneko
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: