Apache Sqoop — hiding your password
Apache Sqoop is a versatile and very useful tool when it comes to gathering data for your Big Data project.
In my case, we developed several critical processes, for example, importing valuable information from Oracle RDBMS.
We need to extract essential information and generate insights for the company’s heads to make important decisions.
How to incorporate this data in our Data Lake or in ETL processes in a way that they generate reports for decision-makers?
With Apache Sqoop it became an easy task and you can find a number of information on how to use the tool on the web or even here at medium.com.
However, a security problem in the Linux world caught our attention.
How to run this tool in your jobs without exposing the database user’s password for example?
This is a very common practice between gullible people who run processes without taking into account security issues.
It's very easy for anyone to capture this information with a ‘ps -ef’ command, for example. With this command all machine processes are displayed and Bingo! your password is exposed in clear text for everyone, including those with the most keen curiosity.
Let alone the bad guys …!
