You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by "Todd Nemet (JIRA)" <ji...@apache.org> on 2015/04/03 20:39:53 UTC
[jira] [Created] (HIVE-10211) Hive2 JDBC connection errors can leak
database credential information
Todd Nemet created HIVE-10211:
---------------------------------
Summary: Hive2 JDBC connection errors can leak database credential information
Key: HIVE-10211
URL: https://issues.apache.org/jira/browse/HIVE-10211
Project: Hive
Issue Type: Improvement
Components: JDBC
Affects Versions: 0.14.0
Reporter: Todd Nemet
Priority: Minor
In jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java, the string returned when there is an exception includes the entire JDBC connection string. This can leak credential information if there is a problem like a network error.
In our application (Looker) we have to capture every area where an exception can occur and filter out the password. It would be better if the driver took care of this by replacing the password with something like [FILTERED].
Here is an example string:
Java::JavaSql::SQLException: Could not open connection to jdbc:hive2://localhost:21050/;user=test;password=secret: java.net.ConnectException: Connection refused
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)