Bug 179832 - mail-notification saves passwords in clear text with read access for everybody
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: mail-notification
Version: 4
Hardware: All, OS: Linux
Priority: medium, Severity: medium
Assigned To: Thorsten Leemhuis
QA Contact: Fedora Extras Quality Assurance
Keywords: Security
Reported: 2006-02-03 04:36 EST by Terje Rosten
Modified: 2007-11-30 17:11 EST
Last Closed: 2006-07-02 05:54:40 EDT

Description Terje Rosten 2006-02-03 04:36:13 EST
Description of problem:

There is a security problem with mail-notification:

 the program saves data about mail accounts in the file

 ~/.gnome2/mail-notification/mailboxes.xml

 however, passwords are saved unhashed in clear text and on top of that
 file access permissions on the file are wide open: 0644.

Version-Release number of selected component (if applicable):

 mail-notification-2.0-2.fc4

How reproducible:

 o Start mail-notification with the "display the main window" option:
   $ mail-notification -m
 
 o Choose Preferences and then Mailboxes
 o Add an account
 o Have a look in the file ~/.gnome2/mail-notification/mailboxes.xml

Additional info:
 If this issue is not going to be fixed, mail-notification should be removed
 from Fedora Extras.
Comment 1 Thorsten Leemhuis 2006-02-11 09:31:09 EST
(In reply to comment #0)
>  however, passwords are saved unhashed in clear text
That's the case for fetchmail too, iirc

> and on top of that
>  file access permissions on the file is wide open: 0644.
Yeah, that's a problem. Upstream is working on a fix. 

>  If this issue is not going to be fixed, mail-notification should be removed
>  from Fedora Extras.
No, I don't think that this is so important. It wouldn't change much btw -- most
people already have installed it and removing it from the repo doesn't help them.
Comment 2 Dennis Gilmore 2006-02-22 16:07:19 EST
(In reply to comment #1)
> (In reply to comment #0)
> >  however, passwords are saved unhashed in clear text
> That's the case for fetchmail too, iirc

yes but that doesn't make it right

> > and on top of that
> >  file access permissions on the file is wide open: 0644.
> Yeah, that's a problem. Upstream is working on a fix.
>
> >  If this issue is not going to be fixed, mail-notification should be removed
> >  from Fedora Extras.
> No, I don't think that this is so important. It wouldn't change much btw -- most
> people already have installed it and removing it from the repo doesn't help them.

I don't think it's the hugest deal in the world. mostly because the files are
in a home dir default perms only allow the user access to that part of the
tree. it's exploitable by you getting up and walking away from your computer
and someone coming and sitting down. It requires local access. but yes it
needs fixed.

It shouldn't be too hard to change the perms that are set.
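
A check for the condition discussed in this thread, as an added example that is not part of the bug report or of mail-notification: it reports whether the mailboxes file grants any access to group or others, whether a parent directory blocks that access (the home-directory protection mentioned in comment 2), and tightens the file to 0600. The function names and the use of GNU `stat -c` are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit the password file named in this bug report.
# Assumes GNU coreutils stat (-c); all function names are illustrative.

# Print the octal permission bits of a path, e.g. 644.
mode_of() { stat -c '%a' -- "$1"; }

# Succeed if group or others hold any permission bit on the path.
open_to_others() {
    m=$(mode_of "$1") || return 2
    [ $(( 0$m & 077 )) -ne 0 ]
}

# Succeed if some ancestor directory denies search (x) to group and others,
# the home-directory protection that comment 2 relies on.
shielded_by_parent() {
    d=$(dirname -- "$1")
    while :; do
        m=$(mode_of "$d") || return 2
        [ $(( 0$m & 011 )) -eq 0 ] && return 0
        case $d in /|.) return 1 ;; esac
        d=$(dirname -- "$d")
    done
}

# Audit one file. Returns 0 = already private, 1 = was exposed and is now
# 0600, 2 = file missing.
audit_mailboxes() {
    file=$1
    [ -f "$file" ] || { echo "missing: $file"; return 2; }
    if open_to_others "$file"; then
        if shielded_by_parent "$file"; then
            echo "exposed: mode $(mode_of "$file"), but a parent directory blocks access"
        else
            echo "exposed: mode $(mode_of "$file"), no parent directory blocks access"
        fi
        chmod 600 -- "$file"
        return 1
    fi
    echo "ok: $file is mode $(mode_of "$file")"
    return 0
}

# Usage: audit_mailboxes "$HOME/.gnome2/mail-notification/mailboxes.xml"
```

Tightening the mode only removes group and other access; the passwords in the file are still stored unhashed in clear text.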
 
 
Comment 3 Dennis Gilmore 2006-06-28 23:07:49 EDT
Please look at this.
Comment 4 Ben Liblit 2007-03-04 20:39:09 EST
mail-notification seems like an excellent place to deploy GNOME Keyring. 
Unfortunately, the main upstream developer feels that "the gnome-keyring
paradigm (passwords are worthy of encryption and everything else is not) is
obviously flawed" and therefore he does not intend to support it:
<http://savannah.nongnu.org/bugs/?18893>.

By the way, Gmail passwords do go into GNOME Keyring.  But that's actually
gnomevfs's doing, not anything that mail-notification is doing.
