log-backup: secrets may be directly logged when --send-credentials-to-tikv=false is not set when starting log backup
#55273
Labels
affects-6.5: This bug affects the 6.5.x (LTS) versions.
affects-7.1: This bug affects the 7.1.x (LTS) versions.
affects-7.5: This bug affects the 7.5.x (LTS) versions.
affects-8.1: This bug affects the 8.1.x (LTS) versions.
component/br: This issue is related to BR of TiDB.
severity/major
type/bug: The issue is confirmed as a bug.
Bug Report
Please answer these questions before submitting your issue. Thanks!
1. Minimal reproduce step (Required)
And then, check the TiDB log.
2. What did you expect to see? (Required)
It shouldn't contain sensitive information.
3. What did you see instead (Required)
Notice here, our secret key was printed:
4. What is your TiDB version? (Required)
Current master.
Note: It is always unsafe to enable --send-credentials-to-tikv when starting log backup, because it will store the credentials in PD and won't rotate them. Then, when the session key expires, there is no way to refresh them. (Also, anyone who can access PD can query them...) Authorizing by IAM roles or other context of the TiKV node is more recommended in production environments.