Posted to issues@flume.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/02/13 17:01:00 UTC

[jira] [Commented] (FLUME-2442) Need an alternative to providing clear text passwords in flume config

    [ https://issues.apache.org/jira/browse/FLUME-2442?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16362665#comment-16362665 ] 

ASF GitHub Bot commented on FLUME-2442:
---------------------------------------

GitHub user szaboferee opened a pull request:

    https://github.com/apache/flume/pull/197

    FLUME-2442 Need an alternative to providing clear text passwords in flume config

    Adding an interface with 3 implementations to provide functionality at the configuration level to replace variables/keys from external sources. This component is capable of hiding sensitive information or injecting generated data into the configuration. 
    
    The implementation affects only the configuration layer, so existing components (sinks/sources/channels/etc) do not have to change and new components can already have it through the configuration.
    
    New custom implementations can be easily added even in plugin form. 
    
    Each implementation has unit tests in their module and an integration test in the flume-ng-tests module.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/szaboferee/flume FLUME-2442

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/flume/pull/197.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #197
    
----
commit 72cc49cb0371c6b97b12d102c1224c57bce55ca5
Author: Ferenc Szabó <fs...@...>
Date:   2018-01-24T20:55:02Z

    adding unit tests and some refactoring and code cleanup

commit 9df1b12e6b5ae3c201bd15d32f5550dd9b380cd2
Author: Ferenc Szabó <fs...@...>
Date:   2018-01-29T18:13:27Z

    config filters

commit fa13593baa06c9d770a21fc970110e0c9abf2ef8
Author: Ferenc Szabó <fs...@...>
Date:   2018-02-13T13:20:40Z

    Test fixes + some refactore

----


> Need an alternative to providing clear text passwords in flume config
> ---------------------------------------------------------------------
>
>                 Key: FLUME-2442
>                 URL: https://issues.apache.org/jira/browse/FLUME-2442
>             Project: Flume
>          Issue Type: Bug
>          Components: Sinks+Sources
>    Affects Versions: 1.5.0.1
>            Reporter: Roshan Naik
>            Assignee: Venkat Ranganathan
>            Priority: Major
>              Labels: Security
>         Attachments: FLUME-2442.patch.7, FLUME-2442.patch.9, FLUME-2442.v1.patch, FLUME-2442.v2.patch, FLUME-2442.v3.patch, FLUME-2442.v4.patch, FLUME-2442.v5.patch
>
>
> For some sources and sinks, currently, passwords to keystores/other are specified in clear text in the flume config file. Since flume config files are often easily accessible to a broader audience (like in source control for instance), the visibility of these passwords can be too much and risky for institutions where security is too critical (like banks).
> To help address this visibility issue it would be desirable to do the following two things:
> 1) Store the password in a separate file and provide the path of that password file in the flume config. This will enable the flume config to be shared with a wider audience and reduce risk. The password file will need to be very tightly guarded. Some components like file channel & JMS source already do this.
> 2) As an additional measure, obfuscate the password in the external password file. A simple command line tool can be used to generate the obfuscated password file. Flume source/sink configuration will read the password file and de-obfuscate the password before using it to access the keystore. This obfuscation step IMO is nice but unclear to me if it is essential.
> The following Sources and Sinks appear to use inline cleartext passwords:
> - Avro Source
> - Avro sink
> - HTTP(S) source 
> - File Channel
> - JMS Source
> JDBC channel also uses inline passwords but I am not aware of anybody who uses JDBC channel. So it may not be an issue.
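
An added sketch of item 1 from the issue description above (not code from the pull request or from Flume): the config carries only a path, and the loader refuses a password file that anyone but its owner can access. The `File` key suffix, the class and method names, and the `a1`/`r1` component names are hypothetical; POSIX file permissions are assumed.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.util.*;

// Added illustration, not Flume code; class, method and "File" suffix are hypothetical.
public class PasswordFileExample {
  // Reads the secret, refusing a file that group or others can access (POSIX only).
  static String readPassword(Path file) throws IOException {
    for (PosixFilePermission p : Files.getPosixFilePermissions(file)) {
      if (!p.name().startsWith("OWNER_")) {
        throw new SecurityException(file + " is accessible beyond its owner: " + p);
      }
    }
    String raw = new String(Files.readAllBytes(file), StandardCharsets.UTF_8);
    return raw.replaceAll("[\\r\\n]+$", ""); // a trailing newline is not part of the password
  }

  // Replaces "<key>File = /path" with "<key> = <file contents>" in a copy of the config.
  static Properties resolve(Properties config, String key) throws IOException {
    Properties out = new Properties();
    out.putAll(config);
    String path = (String) out.remove(key + "File");
    if (path != null) out.setProperty(key, readPassword(Paths.get(path)));
    return out;
  }

  public static void main(String[] args) throws IOException {
    // Constructed sample: a temp file stands in for the guarded password file.
    Path secret = Files.createTempFile("keystore", ".pw");
    Files.write(secret, "s3cr3t\n".getBytes(StandardCharsets.UTF_8));
    Files.setPosixFilePermissions(secret, EnumSet.of(PosixFilePermission.OWNER_READ));
    Properties config = new Properties();
    config.setProperty("a1.sources.r1.keystore-passwordFile", secret.toString());
    String key = "a1.sources.r1.keystore-password";
    System.out.println(resolve(config, key).getProperty(key).length() + " chars loaded");
    // Loosen the permissions: the same load must now be refused.
    Files.setPosixFilePermissions(secret,
        EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.GROUP_READ));
    try {
      resolve(config, key);
    } catch (SecurityException e) {
      System.out.println("rejected: " + e.getMessage());
    } finally {
      Files.delete(secret);
    }
  }
}
```

The resolved value exists only in the in-memory copy, so the file that gets shared or committed never contains the password itself.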


