[jira] [Closed] (GUACAMOLE-1162) security in guacamole_user_attribute

Nick Couchman (Jira) Fri, 28 Aug 2020 08:10:30 -0700


     [ 
https://issues.apache.org/jira/browse/GUACAMOLE-1162?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Nick Couchman closed GUACAMOLE-1162.
------------------------------------
    Resolution: Duplicate

> security in guacamole_user_attribute
> ------------------------------------
>
>                 Key: GUACAMOLE-1162
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1162
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacamole-auth-jdbc-mysql
>    Affects Versions: 1.2.0
>         Environment: any
>            Reporter: jean louis abegg
>            Priority: Trivial
>              Labels: security
>
> Hello,
> I've backuped a guacamole install 1.2.0 and sniffed in the .sql file.
> In the table guacamole_user_attribute, i've seen clear password in it.
> A suggestion would be to encrypt the parameter_value when parameter_name is 
> equal to "password"
> Unless i'ts already done in 1.3.0?
> Thank you for your hard work.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Closed] (GUACAMOLE-1162) security in guacamole_user_attribute

Reply via email to