You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ignite.apache.org by "Alexand Polyakov (Jira)" <ji...@apache.org> on 2021/11/25 21:27:00 UTC

[jira] [Assigned] (IGNITE-13929) Don't print sensitive information in logs by default

     [ https://issues.apache.org/jira/browse/IGNITE-13929?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alexand Polyakov reassigned IGNITE-13929:
-----------------------------------------

    Assignee: Alexand Polyakov  (was: Sergey Uttsel)

> Don't print sensitive information in logs by default
> ----------------------------------------------------
>
>                 Key: IGNITE-13929
>                 URL: https://issues.apache.org/jira/browse/IGNITE-13929
>             Project: Ignite
>          Issue Type: Improvement
>            Reporter: Sergey Uttsel
>            Assignee: Alexand Polyakov
>            Priority: Major
>
> Right now, by default, node prints entries in logs of PME and long running operations. It’s not secure, because it disclose sensitive data. However printing of entries might help with certain issues such as deadlock. So we can print hash of entries in log.
>   
> *Summary of the changes:*
>  1. IGNITE_TO_STRING_INCLUDE_SENSITIVE is deprecated
>  2. IGNITE_SENSITIVE_DATA_LOGGING is a new system property with three possible values:
>  "plain" - print as is
>  "hash" - print hash (primitives are printed as is)
>  "none" - don’t print anything
>  3. "hash" is default value
>  4. If a node starts with explicit IGNITE_TO_STRING_INCLUDE_SENSITIVE the value converts to IGNITE_SENSITIVE_DATA_LOGGING:
>  true -> plain
>  false -> none



--
This message was sent by Atlassian Jira
(v8.20.1#820001)