You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2020/01/22 06:24:00 UTC

[jira] [Commented] (AIRFLOW-6348) security - cli.py is currently printing logs with password if you use cli to add connection with conn_password

    [ https://issues.apache.org/jira/browse/AIRFLOW-6348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17020817#comment-17020817 ] 

ASF subversion and git services commented on AIRFLOW-6348:
----------------------------------------------------------

Commit 9377ca31d2419ec94df94ddf59c75db617d229ca in airflow's branch refs/heads/v1-10-test from Jarek Potiuk
[ https://gitbox.apache.org/repos/asf?p=airflow.git;h=9377ca3 ]

fixup! [AIRFLOW-6348] security - cli.py is currently printing logs with pass… (#6915)


> security - cli.py is currently printing logs with password if you use cli to add connection with conn_password
> --------------------------------------------------------------------------------------------------------------
>
>                 Key: AIRFLOW-6348
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-6348
>             Project: Apache Airflow
>          Issue Type: Bug
>          Components: cli
>    Affects Versions: 1.10.6
>            Reporter: t oo
>            Assignee: t oo
>            Priority: Major
>             Fix For: 1.10.8
>
>
> cli.py is currently printing logs with password if you use cli to add connection with conn_password.
> example log is being printed (this is issue if you have a auto-logforwarder like splunk)
> Successfully added `conn_id`=query_hive : hive_cli://user:cleartextpassw@host:10000/default
>  
> relevant code doing the printing:
> with db.create_session() as session:
> if not (session.query(Connection)
> .filter(Connection.conn_id == new_conn.conn_id).first()):
> session.add(new_conn)
> msg = '\n\tSuccessfully added `conn_id`=\{conn_id} : \{uri}\n'
> msg = msg.format(conn_id=new_conn.conn_id,
> uri=args.conn_uri or
> urlunparse((args.conn_type,
> '\{login}:\{password}@\{host}:\{port}'
> .format(login=args.conn_login or '',
> password=args.conn_password or '',
> host=args.conn_host or '',
> port=args.conn_port or ''),
> args.conn_schema or '', '', '', '')))
>  
> [https://github.com/apache/airflow/blob/v1-10-stable/airflow/bin/cli.py#L1325]
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)