You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2022/02/28 00:33:00 UTC

[GitHub] [airflow] thelastmessiha commented on issue #21827: Airflow UI exposing AWS S3 secret credentials in XCOM screen when using BigQuery Data Transfer Service

thelastmessiha commented on issue #21827:
URL: https://github.com/apache/airflow/issues/21827#issuecomment-1053742008


   @potiuk I think the root cause issue here is not access control to XCOM but that secret keys should not be stored in the metadata database of Airflow in plain text to begin with (which then propagates to the UI's XCOMs screen). Shutting off user access to XCOM does not solve that underlying security issue.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org