You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@kafka.apache.org by "Colin P. McCabe (JIRA)" <ji...@apache.org> on 2017/02/17 17:02:41 UTC
[jira] [Comment Edited] (KAFKA-4754) Correctly parse '=' characters
in command line overrides
[ https://issues.apache.org/jira/browse/KAFKA-4754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15872116#comment-15872116 ]
Colin P. McCabe edited comment on KAFKA-4754 at 2/17/17 5:02 PM:
-----------------------------------------------------------------
bq. Its worth noting, it was also possible to echo out passwords on any error in this code path via CommandLineUtils.parseKeyValueArgs: System.err.println("Invalid command line properties: " + args.mkString(" "))
Hmm. It is not a good practice to pass passwords through the command line. This could expose the password to anyone who is able to run {{ps}} on the system, or look at the bash history. So I'm not sure that we should be concerned about the {{println}}. In fact, we might want to issue a warning if people do this with passwords...
was (Author: cmccabe):
bq. Its worth noting, it was also possible to echo out passwords on any error in this code path via CommandLineUtils.parseKeyValueArgs: System.err.println("Invalid command line properties: " + args.mkString(" "))
Hmm. It is not a good practice to pass passwords through the command line. This could expose the password to anyone who is able to run {{ps}} on the system, or look at the bash history. So I'm not sure that we should be concerned about the {{println}}. In fact, we might want to deprecate the {{\--password}} option.
> Correctly parse '=' characters in command line overrides
> --------------------------------------------------------
>
> Key: KAFKA-4754
> URL: https://issues.apache.org/jira/browse/KAFKA-4754
> Project: Kafka
> Issue Type: Bug
> Affects Versions: 0.9.0.0
> Reporter: Grant Henke
> Assignee: Grant Henke
>
> When starting Kafka with an override parameter via "--override my.parameter=myvalue".
> If a value contains an '=' character it fails and exits with "Invalid command line properties:.."
> Often passwords contain an '=' character so its important to support that value.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)