You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@accumulo.apache.org by "Michael Allen (JIRA)" <ji...@apache.org> on 2014/04/22 17:32:14 UTC

[jira] [Created] (ACCUMULO-2713) Instance secret written out with other configuration items to RFiles and WALogs when encryption is turned on

Michael Allen created ACCUMULO-2713:
---------------------------------------

             Summary: Instance secret written out with other configuration items to RFiles and WALogs when encryption is turned on
                 Key: ACCUMULO-2713
                 URL: https://issues.apache.org/jira/browse/ACCUMULO-2713
             Project: Accumulo
          Issue Type: Bug
    Affects Versions: 1.5.1
            Reporter: Michael Allen
            Priority: Critical
             Fix For: 1.6.0


The encryption at rest feature records configuration information in order to encrypted RFiles and WALogs so that if the configuration changes, the files can be read back.  The code that does this recording hovers up all the "instance.*" entries, and does not pick out the instance.secret as a special one not to write.  Thus the instance secret goes into each file in the clear, which is non-ideal to say the least.

Patch forthcoming.



--
This message was sent by Atlassian JIRA
(v6.2#6252)