[SPARK-33504] The application log in the Spark history server contains sensitive attributes such as password that should be redated instead of plain text - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 3.0.1
Fix Version/s: 3.0.3, 3.1.0
Component/s: Spark Core
Labels:
None
Environment:

Spark 3.0.1

Description

We found the secure attributes in SparkListenerJobStart and SparkListenerStageSubmitted events would not been redated, resulting in sensitive attributes can be viewd directly.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SparkListernerJobStart-wrong.png
20/Nov/20 16:03
64 kB
huangkunlun
SparkListenerStageSubmitted-log-wrong.png
20/Nov/20 16:03
62 kB
huangkunlun
SparkListenerEnvironmentUpdate log shows ok.png
20/Nov/20 16:03
46 kB
huangkunlun

Issue Links

links to

[Github] Pull Request #30446 (akiyamaneko)

[Github] Pull Request #30576 (tgravescs)

[Github] Pull Request #31631 (viirya)

Activity

People

Assignee:: huangkunlun

Reporter:: huangkunlun

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Nov/20 15:54

Updated:: 24/Feb/21 08:48

Resolved:: 02/Dec/20 15:28