Bug 25014 - Password displayed in clear in logs!
Summary: Password displayed in clear in logs!
Status: RESOLVED FIXED
Alias: None
Product: Telepathy
Classification: Unclassified
Component: butterfly (show other bugs)
Version: unspecified
Hardware: Other All
: medium critical
Assignee: Telepathy bugs list
QA Contact: Telepathy bugs list
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-11-10 06:31 UTC by Guillaume Desmottes
Modified: 2010-02-18 03:58 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Attachments

Description Guillaume Desmottes 2009-11-10 06:31:57 UTC 
Butterfly display the unencrypted password in logs which is a serious violation of the "no password in log" policy of Telepathy.
Comment 1 Nicolas Dufresne 2010-01-25 08:33:45 UTC 
To my point of view, Butterfly traces things as they arrives on D-Bus, and password in TP Spec are currently passed in clear text. I think this is has bad has having it in logs.
Comment 2 Olivier Le Thanh Duong 2010-02-01 08:58:40 UTC 
Hi,
this branch fix the problem using a regex :
http://git.collabora.co.uk/?p=user/olethanh/papyon.git;a=shortlog;h=refs/heads/hide_password
Comment 3 Jonny Lamb 2010-02-01 11:09:46 UTC 
(In reply to comment #2)
> http://git.collabora.co.uk/?p=user/olethanh/papyon.git;a=shortlog;h=refs/heads/hide_password


Looks alright, I guess.
Comment 4 Olivier Le Thanh Duong 2010-02-18 03:58:00 UTC 
Fix merged in papyon master.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.