authtools.conf password exposure

Bug #107198 reported by Stephan Buys
2
Affects Status Importance Assigned to Milestone
Network Authentication Configuration
Fix Committed
Undecided
Unassigned

Bug Description

when setting Active Directory Authentication the file data\authtools.conf contains the ID and password of the user used to join the domain.

This could lead to serious security issues as the account used to join the domain normally has administrative privileges.

Revision history for this message
Andrew Mitchell (ajmitch) wrote :

Removed these unnecessary options. Joining is separated now so they're superfluous

Changed in network-authentication:
status: Unconfirmed → In Progress
Revision history for this message
Andrew Mitchell (ajmitch) wrote :

Committed to the branch

Changed in network-authentication:
status: In Progress → Fix Committed
Revision history for this message
Stephan Buys (stephan-buys) wrote :

Can confirm that this does not show up anymore

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.