You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Dmitrii Saprykin (JIRA)" <ji...@apache.org> on 2015/08/03 23:14:05 UTC
[jira] [Commented] (CASSANDRA-6660) Make node tool command take a
password file
[ https://issues.apache.org/jira/browse/CASSANDRA-6660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14652530#comment-14652530 ]
Dmitrii Saprykin commented on CASSANDRA-6660:
---------------------------------------------
Could you please also patch cassandra-2.0 branch of Cassandra? I have adapted patch from this task to it and attached to this task.
> Make node tool command take a password file
> -------------------------------------------
>
> Key: CASSANDRA-6660
> URL: https://issues.apache.org/jira/browse/CASSANDRA-6660
> Project: Cassandra
> Issue Type: Improvement
> Reporter: Vishy Kasar
> Assignee: Clément Lardeur
> Priority: Trivial
> Labels: nodetool
> Fix For: 2.1 beta1
>
> Attachments: cassandra-2.0-6660.patch, trunk-6660-v1.patch, trunk-6660-v2.patch, trunk-6660-v3.patch
>
>
> We are sending the jmx password in the clear to the node tool command in production. This is a security risk. Any one doing a 'ps' can see the clear password. Can we change the node tool command to also take a password file argument. This file will list the JMX user and passwords. Example below:
> cat /cassandra/run/10003004.jmxpasswd
> monitorRole abc
> controlRole def
> Based on the user name provided, node tool can pick up the right password.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)