Posted to notifications@accumulo.apache.org by "Josh Elser (JIRA)" <ji...@apache.org> on 2014/08/01 23:33:40 UTC

[jira] [Commented] (ACCUMULO-2464) Trace user password required in plaintext in accumulo-site.xml

    [ https://issues.apache.org/jira/browse/ACCUMULO-2464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14082995#comment-14082995 ] 

Josh Elser commented on ACCUMULO-2464:
--------------------------------------

Also, worth mentioning: I originally planned to add this to 1.5, but the {{Sensitive}} annotation on Properties was only added in 1.6.0. Only Sensitive Properties check the CredentialProviders, to alleviate checking the CredentialProviders repetitively for keys which are likely to never exist (are not sensitive and are designed to just live in accumulo-site.xml).

> Trace user password required in plaintext in accumulo-site.xml
> --------------------------------------------------------------
>
>                 Key: ACCUMULO-2464
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2464
>             Project: Accumulo
>          Issue Type: Improvement
>          Components: trace
>    Affects Versions: 1.5.0, 1.5.1, 1.6.0
>            Reporter: Josh Elser
>            Assignee: Josh Elser
>             Fix For: 1.6.1, 1.7.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> The {{trace.password}} property is used by the Tracer to authenticate with Accumulo and persist the traces in the trace table. Presently, this is required to be in plaintext, which is rather sub-par, but has been overlooked mostly because that password is for an isolated user account which shouldn't have access to any sensitive data.
> I'm thinking of the following: provide some new storage in ZK akin to the acl + salt that's currently done for the passwd db and instance.secret (with a new secret for this, of course)
> Another option might be to provide a hashing command that will hash the password, store that instead of the plaintext, and then use the hash with a salt to authenticate (not exposing the hash-authentication method to users). Not sure how I feel about that.
> Leveraging some BCrypt library might be nice too (if there's an ASF license compatible lib somewhere). 



--
This message was sent by Atlassian JIRA
(v6.2#6252)
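An added example, not Accumulo's own code and not from anyone in this thread: the lookup pattern the comment above describes, where only properties marked sensitive are looked up through the Hadoop CredentialProvider API and everything else is read straight from the site config. The class name SensitivePropertyResolver, the set of names treated as sensitive, the keystore path /tmp/accumulo-demo.jceks and the password value are all constructed for the demo; the Hadoop calls (CredentialProviderFactory.getProviders, getCredentialEntry, createCredentialEntry, flush) are the real API.

```java
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.alias.CredentialProvider;
import org.apache.hadoop.security.alias.CredentialProviderFactory;

/**
 * Hypothetical helper (not Accumulo's code): resolves a property value,
 * asking the configured Hadoop CredentialProviders only when the property is
 * marked sensitive. Non-sensitive properties come straight from the site
 * config, so the keystore is never opened for keys that will not be in it.
 */
public final class SensitivePropertyResolver {

    // Constructed for this example: the property names we treat as @Sensitive.
    private static final Set<String> SENSITIVE_KEYS =
            new HashSet<>(Arrays.asList("trace.password", "instance.secret"));

    private final Map<String, String> siteConfig; // stand-in for parsed accumulo-site.xml
    private final Configuration hadoopConf;       // carries hadoop.security.credential.provider.path

    public SensitivePropertyResolver(Map<String, String> siteConfig, Configuration hadoopConf) {
        this.siteConfig = siteConfig;
        this.hadoopConf = hadoopConf;
    }

    /** Returns the value, or null if neither a provider nor the site config has it. */
    public char[] resolve(String name) throws IOException {
        if (SENSITIVE_KEYS.contains(name)) {
            List<CredentialProvider> providers = CredentialProviderFactory.getProviders(hadoopConf);
            for (CredentialProvider p : providers) {
                CredentialProvider.CredentialEntry entry = p.getCredentialEntry(name);
                if (entry != null) {
                    return entry.getCredential(); // keystore wins over any plaintext value
                }
            }
        }
        // Fallback, and the only path for non-sensitive keys: the plaintext site config.
        String plain = siteConfig.get(name);
        return plain == null ? null : plain.toCharArray();
    }

    /** Demo: seed a JCEKS keystore with a made-up trace password, then resolve it. */
    public static void main(String[] args) throws IOException {
        Configuration conf = new Configuration();
        // Made-up path; the JavaKeyStoreProvider creates the file on first flush().
        conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH,
                 "jceks://file/tmp/accumulo-demo.jceks");

        CredentialProvider store = CredentialProviderFactory.getProviders(conf).get(0);
        if (store.getCredentialEntry("trace.password") == null) {
            store.createCredentialEntry("trace.password", "constructed-demo-secret".toCharArray());
            store.flush();
        }

        Map<String, String> site = new HashMap<>();
        site.put("trace.user", "tracer"); // non-sensitive, stays in accumulo-site.xml
        // Deliberately no "trace.password" entry in the site config at all.

        SensitivePropertyResolver r = new SensitivePropertyResolver(site, conf);
        char[] pw = r.resolve("trace.password");
        System.out.println("trace.user     = " + new String(r.resolve("trace.user")));
        System.out.println("trace.password = "
                + (pw == null ? "<unset>" : "<" + pw.length + " chars, from keystore>"));
        if (pw != null) {
            Arrays.fill(pw, '\0'); // do not leave the secret sitting in memory longer than needed
        }
    }
}
```

In practice the keystore entry would be created once by an operator with the Hadoop CLI (hadoop credential create trace.password -provider jceks://file/tmp/accumulo-demo.jceks) rather than from application code, and Hadoop's Configuration.getPassword(String) wraps the same provider walk with a plaintext fallback; the explicit loop above just makes the "only sensitive keys hit the providers" gate visible. Note that the keystore file still needs filesystem permissions restricting it to the Accumulo service account, since the JCEKS store's own password is not a strong secret by default.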