[jira] [Commented] (CONNECTORS-737) passwords handling in Manifold

Wed, 26 Jun 2013 04:21:56 -0700 

    [ 
https://issues.apache.org/jira/browse/CONNECTORS-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13693918#comment-13693918
 ] 

Maciej Lizewski commented on CONNECTORS-737:
--------------------------------------------

not exactly. when password are in concern we should pay maximum attention and 
reduce possibility of password leak to the minimum.
I understand that we assume that access to Manifold is somehow protected and 
that there is only one level of security, so everyone that has access to all 
Manifold configuration. On the other hand - these are passwords allowing to 
read *ALL DOCUMENTS in every repository*! if Manifold administrator leave 
unlocked console - it is too easy to read them and then use them. It is 
generally not a good pattern to rely only on single authentication and granting 
any access to plain text passwords - this is why in systems like LDAP they are 
not even stored in database but only their hashes...
I think proposed procedure is quite simple and easy and could prevent very 
serious accidents. Security is about reducing all possibilities of something 
goes wrong and we should tighten Manifold in this area.

the only problem here is some amount of work we should do to change current 
approach...
                
> passwords handling in Manifold
> ------------------------------
>
>                 Key: CONNECTORS-737
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-737
>             Project: ManifoldCF
>          Issue Type: Bug
>            Reporter: Maciej Lizewski
>
> Currently you can see stored passwords in HTML body of the page which is 
> quite big security hole. We could rewrite it so that the field is presented 
> with some predefined constant string, like "###########" (only to show the 
> field with some entered text). Then in process*Post handlers we should check 
> if someone entered anything different here and only in such case overwrite 
> previously stored password. When posted value is equal to "###########" - we 
> leave previous password in configuration intact.
> this applies to almost all connectors...

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to