apache
HIVE-28838: Remove sensitive jdbc properties from explain plan for JdbcStorageHandler tables
It removes the following sensitive properties from tables created with JdbcStorageHandler:
- hive.sql.dbcp.username
- hive.sql.dbcp.password
Why are the changes needed?
Explain extended can cause a security issue if they query sys tables: Sys tables are created with JdbcStorageHandler and so that, the output of explain extended will contain sensitive jdbc connection info.
Does this PR introduce any user-facing change?
Yes, it removes the listed properties from explain extended output when a JdbcStorageHandler table is included in a query.
Is the change a dependency upgrade?
No
How was this patch tested?
QTest added: explain_systest_password.q
@zhangbutao , @zratkai , @deniskuzZ , thank you for the reviews so far. Do I have any question that I didn't answer or needs more to discuss about?
Thank you
Quality Gate passed
Issues
1 New issue
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud