You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by "t oo (Jira)" <ji...@apache.org> on 2019/12/26 00:04:00 UTC
[jira] [Created] (AIRFLOW-6348) security - cli.py is currently
printing logs with password if you use cli to add connection with
conn_password
t oo created AIRFLOW-6348:
-----------------------------
Summary: security - cli.py is currently printing logs with password if you use cli to add connection with conn_password
Key: AIRFLOW-6348
URL: https://issues.apache.org/jira/browse/AIRFLOW-6348
Project: Apache Airflow
Issue Type: Bug
Components: cli
Affects Versions: 1.10.6
Reporter: t oo
cli.py is currently printing logs with password if you use cli to add connection with conn_password.
example log is being printed (this is issue if you have a auto-logforwarder like splunk)
Successfully added `conn_id`=query_hive : hive_cli://user:cleartextpassw@host:10000/default
relevant code doing the printing:
with db.create_session() as session:
if not (session.query(Connection)
.filter(Connection.conn_id == new_conn.conn_id).first()):
session.add(new_conn)
msg = '\n\tSuccessfully added `conn_id`=\{conn_id} : \{uri}\n'
msg = msg.format(conn_id=new_conn.conn_id,
uri=args.conn_uri or
urlunparse((args.conn_type,
'\{login}:\{password}@\{host}:\{port}'
.format(login=args.conn_login or '',
password=args.conn_password or '',
host=args.conn_host or '',
port=args.conn_port or ''),
args.conn_schema or '', '', '', '')))
[https://github.com/apache/airflow/blob/v1-10-stable/airflow/bin/cli.py#L1325]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)