You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@falcon.apache.org by "Ajay Yadava (JIRA)" <ji...@apache.org> on 2015/12/23 10:38:46 UTC
[jira] [Comment Edited] (FALCON-1601) Make Falcon StateStore more
secure by not disclosing imp params in startup.props
[ https://issues.apache.org/jira/browse/FALCON-1601?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15069430#comment-15069430 ]
Ajay Yadava edited comment on FALCON-1601 at 12/23/15 9:38 AM:
---------------------------------------------------------------
Thanks for the patch [~pavan kumar] I have left some comments on reviewboard.
I wanted to hear everyone's thoughts on couple of things so I am starting a discussion here.
1. [~sandeep.samudrala] had suggested in an offline discussion that we should follow postgres's approach of enforcing certain permissions on the file otherwise discarding it.
2. We should keep only one method of specifying the credentials, using the properties file and disallow the other version where it picks credentials from startup.properties file. I think the startup.properties approach is a bad practice and Falcon shouldn't encourage by supporting this option.
was (Author: ajayyadava):
Thanks for the patch [~pavan kumar] I have left some comments on reviewboard.
I wanted to hear everyone's thoughts on couple of things so I am starting a discussion here.
1. [~sandeep.samudrala] had suggested in an offline discussion that we should follow postgres's of enforcing certain permissions on the file otherwise discarding it.
2. We should keep only one method of specifying the credentials, using the properties file and disallow the other version where it picks credentials from startup.properties file. I think the startup.properties approach is a bad practice and Falcon shouldn't encourage by supporting this option.
> Make Falcon StateStore more secure by not disclosing imp params in startup.props
> ---------------------------------------------------------------------------------
>
> Key: FALCON-1601
> URL: https://issues.apache.org/jira/browse/FALCON-1601
> Project: Falcon
> Issue Type: Improvement
> Reporter: pavan kumar kolamuri
> Assignee: pavan kumar kolamuri
> Attachments: FALCON-1601.patch
>
>
> We are bringing Falcon state Store DB for Native Scheduler as part of https://issues.apache.org/jira/browse/FALCON-1234, We need to add more secureness by removing password properties from startup props and also made this Statestore supports Mysql as well.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)