You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@whirr.apache.org by "Steve Loughran (JIRA)" <ji...@apache.org> on 2012/09/20 14:24:07 UTC
[jira] [Updated] (WHIRR-642) Whirr writes the AWS Secret key to the
stdout. is it an unforeseen byproduct or intended behavior?
[ https://issues.apache.org/jira/browse/WHIRR-642?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Loughran updated WHIRR-642:
---------------------------------
Priority: Major (was: Minor)
uprating to major as this is a security issue
> Whirr writes the AWS Secret key to the stdout. is it an unforeseen byproduct or intended behavior?
> --------------------------------------------------------------------------------------------------
>
> Key: WHIRR-642
> URL: https://issues.apache.org/jira/browse/WHIRR-642
> Project: Whirr
> Issue Type: Bug
> Components: cli
> Affects Versions: 0.7.1
> Environment: OSX Mountain Lion
> Reporter: P Mohan
>
> I used Whirr to launch a CDH cluster. Towards the end the whirr output has the AWS secret key in plain text as shown below.
> fs.s3.awsSecretAccessKey=qBqa*********************************, fs.s3.a
> wsAccessKeyId=AKIA*****************, hadoop.rpc.socket.factory.class.default=org.apache.hadoop.net.SocksSocketFactory, fs.default.name=hdfs://ec2-**********.compute-1.amazonaws.c
> om:8020/, fs.s3n.awsSecretAccessKey=qBqaott5*************************}}
> is this intended behavior. Would it be not better to mask or not print the AWS Secret key to the stdout.
> One gd thing i noticed is that the AWS Secret Key is not written to the whirr.log file. Can we not have the same behavior for the stdout as well ?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira