Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Sqoop >> mail # user >> Sqoop password expose


Copy link to this message
-
Re: Sqoop password expose
Hi Santosh,
what logs are you referring to? Sqoop never ever printed out password into it's logs.

There were however few instances where the password was available in the past by exploring other means, such as:

* Mapreduce job.xml object - this got removed in 1.4.4 via SQOOP-914
* Oozie logs - this can be bypassed by using --password-file option that has been added in 1.4.4 again via SQOOP-914

Don't hesitate and let us know if you see another instance where the password is available!

Jarcec

On Mon, Apr 14, 2014 at 09:41:13PM +0800, Santosh Achhra wrote:

 -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJTalSkAAoJEEk45sAabwqGM3kQALtDRb3MZRB6plRbEprccUg/
S4w3v+sDi4uij0ueqcCstnJ7Q79HwXlQ/lHFCx2WbY+biXQ+yWKm1LAGssFna/8G
MuQO6a51n6HOXM7lSklEzx3y/w+XVbD/1hY5Ypp243r+KFJZ2End5Z/5QnAmXRXc
JdY0kYuI4SjDC9h08GowfVbT3uqOy6TnA5BLik/ST6pv7B4DBGcZtjqOw2+12UR4
O8NkTP7ZkzfKmyeolKFjFhZJ2jJfJZ0QFTsHVJQM0PUVs+b5pv2nOQqudifOce8q
jNKYWcPVWLnAhaCv66aALtSrO3qYcvlA9gmqkC6ZkRpA6lRSUwDHbp/tkS2TuBua
rG4Pwh569IE2wkIUmwhmLk6w+ZylyglCq8h3AwzpjyzBaJDeHQEI2RgF5/I/7l29
q/XCBTC//AP4lepwRnM6YAOrV+mv7nXn2CwqXEOxgC0ysEywMZoL/oXTsxSFXCRp
QnQ6o1i92dQNp6H2KX303aFJDpQ/T1veh6dYjgUT8RLjwvldy0kx+iVUxp3BAto2
Y/HajRq4sJF0JC62cVxyZyWBp59T7dU72uZLRdHDFiCguNF+u++R8HFcVF9cjr32
xCZGWMOgObGrQa0OTrKooKtmzHMV+QwBFOWFgH6WMONG0w5CGG11CZfgmSlVPsmc
zdGDHCoCZIwVfu2I1dq4
=qGtv