You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "Ravi Prakash (JIRA)" <ji...@apache.org> on 2016/02/19 20:58:18 UTC
[jira] [Updated] (HIVE-13091) Beeline logs the username and
password to the history file for connect commands
[ https://issues.apache.org/jira/browse/HIVE-13091?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ravi Prakash updated HIVE-13091:
--------------------------------
Attachment: HIVE-13901.01.patch
Here's a patch which redacts the password AFTER it has been put in the history. I think this is the wrong approach though. We really should never be accepting the password on the command line. For instance if I forgot the {{!}} before the command, the password would still be logged in the history file. I don't know how big a change that would be though....
> Beeline logs the username and password to the history file for connect commands
> -------------------------------------------------------------------------------
>
> Key: HIVE-13091
> URL: https://issues.apache.org/jira/browse/HIVE-13091
> Project: Hive
> Issue Type: Bug
> Affects Versions: 1.2.0
> Reporter: Ravi Prakash
> Assignee: Chinna Rao Lalam
> Attachments: HIVE-13901.01.patch
>
>
> [~farisa] and [~tthompso] found that the beeline client also logs the username and password from a connect command into the beeline history file (Usually found at ~/.beeline/history). We should not be logging the password anywhere.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)