You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flink.apache.org by "Flink Jira Bot (Jira)" <ji...@apache.org> on 2021/10/29 10:42:01 UTC
[jira] [Updated] (FLINK-21196) Sensitive information(password) is
in plain text format in flink-conf.yaml configuration file
[ https://issues.apache.org/jira/browse/FLINK-21196?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Flink Jira Bot updated FLINK-21196:
-----------------------------------
Labels: auto-deprioritized-major stale-minor (was: auto-deprioritized-major)
I am the [Flink Jira Bot|https://github.com/apache/flink-jira-bot/] and I help the community manage its development. I see this issues has been marked as Minor but is unassigned and neither itself nor its Sub-Tasks have been updated for 180 days. I have gone ahead and marked it "stale-minor". If this ticket is still Minor, please either assign yourself or give an update. Afterwards, please remove the label or in 7 days the issue will be deprioritized.
> Sensitive information(password) is in plain text format in flink-conf.yaml configuration file
> ---------------------------------------------------------------------------------------------
>
> Key: FLINK-21196
> URL: https://issues.apache.org/jira/browse/FLINK-21196
> Project: Flink
> Issue Type: Bug
> Components: Deployment / Scripts
> Affects Versions: 1.10.0, 1.11.3
> Reporter: Suchithra V N
> Priority: Minor
> Labels: auto-deprioritized-major, stale-minor
>
> When ssecurit settings are enabled in flink configuration passwords information will be wriiten in flink-conf.yaml file as a plain text. If any attacker is able to access this file can use these paswords to decrypt the files. Hence secure mechanism is required to mask these senstive information from flink-conf.yaml file.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)