Passwords saved as plain text

Bug #202114 reported by Pander on 2008-03-14
278
This bug affects 4 people
Affects Status Importance Assigned to Milestone
FileZilla
Unknown
Unknown
filezilla (Debian)
Fix Released
Unknown
filezilla (Ubuntu)
Wishlist
Adrien Cunin

Bug Description

Binary package hint: filezilla

Passwords saved as plain text in ~/.filezilla/sitemanager.xml for fielzilla 3.0.0-0ubuntu1 on gutsy.

Password should be stored encrypted so that it is more protected to abuse.

Kees Cook (kees) wrote :

The .filezilla directory itself is mode 700, so no one can read the plaintext passwords. That said, it would be a good idea for filezilla to use the Gnome Keyring instead of storing plain text passwords.

Changed in filezilla:
importance: Undecided → Wishlist
status: New → Confirmed
Tim Kosse (tim-kosse) wrote :

This is by design, it is the task of the operating system to protect the user's files. Please encrypt your home directory.

Pander (pander) wrote :

That is a bit simple security design decision IMHO. Sometimes other people have access to home dirs and backups, like sys admins, and a bit more encryption that plain text would be desirable. Hopefully the password would get some encryption.

Tim Kosse (tim-kosse) wrote :

And what prevents the sys admin from installing a program that intercepts your private data the next time you get it out of the keychain?

Point is: If you can't trust root, don't use the system.

Ludwig (lvb2k2) wrote :

Tim: I understand your point. I suggest two things though,

 1- support for obscuring the passwords, understanding all the limitations that this has. Even being trivial, it would require more than taking the disk out of the machine and using "vi" or "gedit" to look at the password, and that has some value, even if the real value is just improving the user perception of security. This is not a bad thing, as long the documentation makes the limitations clear.

 2- Implement an optional "master password", like firefox. Then use it to encrypt the passwords and URLs in the sitemanager / settings file.

I'm all for option #2. It provides a reasonable level of security to millions of firefox users; I would see it helping filezilla users as well.

Changed in filezilla:
status: Unknown → New
Adrien Cunin (adri2000) wrote :

FileZilla 3.1.2 (now in intrepid) implements a "kiosk mode" in which FZ doesn't write any password to disk.

Grummfy (grummfy) wrote :

perhaps filezilla can use keyring like gnome-keyring or other thing ...

Patrick Brueckner (madmuffin) wrote :

FileZilla moved from SF Tracker to Trac

Changed in filezilla:
status: Unknown → New
Changed in filezilla:
status: New → Unknown
Changed in filezilla (Debian):
status: New → Confirmed
Tim Kosse (tim-kosse) wrote :

You can disable saving of passwords in the settings dialog of FileZilla.

Pander (pander) on 2012-07-12
tags: added: 12.10
Adrien Cunin (adri2000) on 2012-12-07
Changed in filezilla (Ubuntu):
status: Confirmed → In Progress
assignee: nobody → Adrien Cunin (adri2000)
Changed in filezilla (Debian):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package filezilla - 3.6.0.2-1ubuntu1

---------------
filezilla (3.6.0.2-1ubuntu1) raring; urgency=low

  * Merge from Debian experimental. Remaining Ubuntu change:
     - Added debian/patches/11_use-decimal-si-by-default.patch in order to
       comply with UnitsPolicy

filezilla (3.6.0.2-1) experimental; urgency=low

  * Upload to experimental due to freeze
  * New upstream release (LP: #1085474)
     - User is now asked whether passwords should be saved
       (Closes: #490891, LP: #202114)
  * Dropped debian/patches/02_fix-ftbfs.patch, applied upstream
  * Dropped debian/filezilla.svg, it's now upstream as well
  * Updated Standards-Version to 3.9.4, no change needed
  * Switch to dh 9, in order to use dpkg-buildflags
 -- Adrien Cunin <email address hidden> Fri, 07 Dec 2012 17:17:17 +0100

Changed in filezilla (Ubuntu):
status: In Progress → Fix Released
Benjamin Lipp (blipp) wrote :

Since Filezilla won't get a feature like master password or integration in keyrings, see http://trac.filezilla-project.org/ticket/1373 , I suggest using a password manager like KeepassX and disable password saving in Filezilla. You still can save URLs and usernames in Filezilla but copy passwords from your password manager.

Pander (pander) wrote :

Too bad This discourages me from using filezilla until this is supported.

tags: added: precise
removed: 12.10
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.