You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@spark.apache.org by "Michael Armbrust (JIRA)" <ji...@apache.org> on 2016/01/06 02:48:39 UTC

[jira] [Resolved] (SPARK-12504) JDBC data source credentials are not masked in the data frame explain output.

     [ https://issues.apache.org/jira/browse/SPARK-12504?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Michael Armbrust resolved SPARK-12504.
--------------------------------------
       Resolution: Fixed
    Fix Version/s: 2.0.0

Issue resolved by pull request 10452
[https://github.com/apache/spark/pull/10452]

> JDBC data source credentials are not masked in the data frame explain output.
> -----------------------------------------------------------------------------
>
>                 Key: SPARK-12504
>                 URL: https://issues.apache.org/jira/browse/SPARK-12504
>             Project: Spark
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 2.0.0
>            Reporter: Suresh Thalamati
>            Assignee: Apache Spark
>             Fix For: 2.0.0
>
>
> Currently JDBC data source credentials are not masked in the explain output. This can lead to accidental leakage of credentials into logs, and UI   
> SPARK -11206 added support for showing the SQL plan details in the History server. After this change query plans are also written to the event logs in the disk when event log is enabled, in this case credential will leak into the event logs that can be accessed by file systems admins.
> Repro :
> {code}
> val empdf = sqlContext.read.jdbc("jdbc:postgresql://localhost:5432/mydb", "spark_emp", psqlProps)
> empdf.explain(true)
> {code}
> Plan output with credentials :
> {code}
> == Parsed Logical Plan == +details
> == Parsed Logical Plan ==
> Limit 21
> +- Relation[id#4,name#5] JDBCRelation(jdbc:postgresql://localhost:5432/mydb,spark_emp,[Lorg.apache.spark.Partition;@3ff74546,{user=dbuser, password=pwdata})
> == Analyzed Logical Plan ==
> id: int, name: string
> Limit 21
> +- Relation[id#4,name#5] JDBCRelation(jdbc:postgresql://localhost:5432/mydb,spark_emp,[Lorg.apache.spark.Partition;@3ff74546,{user=dbuser, password=pwdata})
> == Optimized Logical Plan ==
> Limit 21
> +- Relation[id#4,name#5] JDBCRelation(jdbc:postgresql://localhost:5432/mydb,spark_emp,[Lorg.apache.spark.Partition;@3ff74546,{user=dbuser, password=pwdata})
> == Physical Plan ==
> Limit 21
> +- Scan JDBCRelation(jdbc:postgresql://localhost:5432/mydb,spark_emp,[Lorg.apache.spark.Partition;@3ff74546,{user=dbuser, password=pwdata}) PushedFilter: [] [id#4,name#5]
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org