You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@accumulo.apache.org by "John Vines (JIRA)" <ji...@apache.org> on 2014/04/22 18:00:17 UTC
[jira] [Comment Edited] (ACCUMULO-2713) Instance secret written out
with other configuration items to RFiles and WALogs when encryption is
turned on
[ https://issues.apache.org/jira/browse/ACCUMULO-2713?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13976952#comment-13976952 ]
John Vines edited comment on ACCUMULO-2713 at 4/22/14 3:58 PM:
---------------------------------------------------------------
1.5 might not be affected, actually
was (Author: vines):
It might not be actually
> Instance secret written out with other configuration items to RFiles and WALogs when encryption is turned on
> ------------------------------------------------------------------------------------------------------------
>
> Key: ACCUMULO-2713
> URL: https://issues.apache.org/jira/browse/ACCUMULO-2713
> Project: Accumulo
> Issue Type: Bug
> Affects Versions: 1.5.1
> Reporter: Michael Allen
> Priority: Blocker
> Labels: WAL, encryption, rfile
> Fix For: 1.6.0
>
> Attachments: Dont-write-instance-secret-to-RFiles.patch
>
>
> The encryption at rest feature records configuration information in order to encrypted RFiles and WALogs so that if the configuration changes, the files can be read back. The code that does this recording hovers up all the "instance.*" entries, and does not pick out the instance.secret as a special one not to write. Thus the instance secret goes into each file in the clear, which is non-ideal to say the least.
> Patch forthcoming.
--
This message was sent by Atlassian JIRA
(v6.2#6252)