couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Javier Candeira (JIRA)" <j...@apache.org>
Subject [jira] [Created] (COUCHDB-2364) plaintext admin password remains visible if there are two [admin] sections
Date Wed, 08 Oct 2014 01:35:33 GMT
Javier Candeira created COUCHDB-2364:
----------------------------------------

             Summary: plaintext admin password remains visible if there are two [admin] sections
                 Key: COUCHDB-2364
                 URL: https://issues.apache.org/jira/browse/COUCHDB-2364
             Project: CouchDB
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: Database Core
            Reporter: Javier Candeira


How to reproduce:

1.
Make a local.ini document with two [admin] sections, and the user = password line in the second
one, as the dev/run script did as of github commit d3094366b6775e7a54:

    [admin]
    ; maybe a comment here

    [admin]
    candeira = candeira

2.
CouchDB process will not replace the plaintext password, but merely edit in the hashed password
under the first [admin] section, and leave the second one unchanged:



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message