You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hive.apache.org by "Thejas M Nair (JIRA)" <ji...@apache.org> on 2015/04/28 22:09:07 UTC

[jira] [Commented] (HIVE-10508) Strip out password information from config passed to Tez/MR in cases where password encryption is not used

    [ https://issues.apache.org/jira/browse/HIVE-10508?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14517929#comment-14517929 ] 

Thejas M Nair commented on HIVE-10508:
--------------------------------------

Thanks for the patch Hari!
 # Looks like additional changes would be needed for the MR case
 # Setting the value to null would result in an error. See Configuration.set. Maybe set to emtpy string instead ? If I remember right there was not a good way to remove the configuration that works in both 1.x and 2.x .
 #  conf.setVar(HiveConf.ConfVars.METASTOREPWD, null) is more concise/readable than -  HiveConf.setVar(conf, HiveConf.ConfVars.METASTOREPWD, null);


> Strip out password information from config passed to Tez/MR in cases where password encryption is not used
> ----------------------------------------------------------------------------------------------------------
>
>                 Key: HIVE-10508
>                 URL: https://issues.apache.org/jira/browse/HIVE-10508
>             Project: Hive
>          Issue Type: Bug
>            Reporter: Hari Sankar Sivarama Subramaniyan
>            Assignee: Hari Sankar Sivarama Subramaniyan
>         Attachments: HIVE-10508.1.patch
>
>
> Remove password information from configuration copy that is sent to Yarn/Tez. We don't need it there. The config entries can potentially be visible to other users.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)