Vsql is not masking password in some cases
Hi,
Vertica did a great job avoiding showing passwords and secrets in clear text.
I was surprised when vsql v 12.0.4-11 is showing password in clear text, by checking vsql process on client:
myuser@myhost: mydir $ ps -ef|grep vsql myosaccount 7719 2146 0 13:33 pts/0 00:00:00 /opt/vertica/bin/vsql -h mydbhost -U myuser -w -g VerticaExportTable.py -A -t -c connect to vertica mydb user mydbuser password 'passwordincleartext' on ....
Vsql nicely masked password in -w.
It appears, vsql is not scanning SQL passed with -c for passwords and secrets and not masking them.
I think attempt to pass password in vsql var would also not masking passwords and secrets.
Please ask security team, are they consider this a problem that need attention.
(Yes I know there are more than one workaround)
Thank you
Sergey
Best Answer
-
Options
SruthiA
Vertica Employee Administrator
@Sergey_Cherepan_1 : If you use passwordless authentication for connect to vertica then you will not face this problem
https://docs.vertica.com/23.4.x/en/sql-reference/statements/connect-to/#passwordless-authentication
1