There are 'feature' of ClickHouse to make subdirectories for Distributed tables, contaning username and password, configured in remote_servers section.

Example:

<yandex>
        <test>
            <shard>
                <replica>
                    <host>host</host>
                    <port>port</port>
                    <user>username</user>
                    <password>password</password>
                </replica>
            </shard>
        </test>
    </remote_servers>
</yandex>

Following directories will be created for Distributed tables

<data_path>/data/<database>/<table>/username:password@host:port

Here username and password exposed in plaintext.

In some cases (when some data considered as broken for example), ClickHouse server writing following to the logs:

<ts> [ 319 ] {} <Error> <db>.Distributed.DirectoryMonitor: Renamed `<data_path>/data/<database>/<table>/username:password@host:port/1321.bin` to `<data_path>/data/<database>/<table>/username:password@host:port/broken/1321.bin`

Also, after manual broken data deletion, CH will log something like
<data_path>/data/<database>/<table>/username:password@host:port/broken/1321.bin not found

So, username and password exposed in a logs in plaintext, and can be found by anyone having read permissions for a logs.
Exposing credentials for a user (especially for user having write permissions) in a log it's a security issue.

Is it possible to avoid making directories with username and password, and/or writing username/password to the log?

Thanks