[MXS-1256] Make combined use of masking and the firewall filter more convenient. - Jira

XML

Word

Printable

Details

Type: Task
Status: Closed (View Workflow)
Priority: Major
Resolution: Duplicate
Affects Version/s: 2.1.2
Fix Version/s: 2.2.0
Component/s: dbfwfilter, masking
Labels:
None

Sprint:
2017-37, 2017-38

Description

Using the masking filter certain columns can be masked. However, as the maxrows filter works on the resultset alone, it is possible to easily circumvent it. For instance,

mysql> SELECT id, firstname, lastname FROM masking;

+----+-----------+----------+

| id | firstname | lastname |

+----+-----------+----------+

|  1 | test1     | XXXXX    |

|  2 | test2     | XXXXX    |

+----+-----------+----------+

mysql> SELECT id, firstname, CONCAT(lastname) FROM masking;

+----+-----------+------------------+

| id | firstname | CONCAT(lastname) |

+----+-----------+------------------+

|  1 | test1     | mask1            |

|  2 | test2     | mask2            |

+----+-----------+------------------+

That can be prevented using the firewall. However, currently it is quite inconvenient as you would need to separately list all functions using which the masking can be circumvented.

There should be an easy way to use maxrows and the firewall filter together, for securely masking certain columns.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Johan Wikman

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2017-05-02 09:39

Updated:: 2017-08-22 10:58

Resolved:: 2017-08-22 10:58

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.