Bug 54580 - FTP install - IOError messages leak the password.
FTP install - IOError messages leak the password.
Status: CLOSED DEFERRED
Product: Red Hat Linux
Classification: Retired
Component: anaconda (Show other bugs)
7.3
i386 Linux
low Severity medium
: ---
: ---
Assigned To: Jeremy Katz
Brock Organ
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-10-12 17:46 EDT by Aleksey Nogin
Modified: 2007-03-26 23:49 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 13:48:10 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Aleksey Nogin 2001-10-12 17:46:28 EDT
When doing an FTP install of Enigma I noticed that anaconda was printing
IOError messages from time to time (in the syslog console) and those
messages contained the complete URL of the package which included the
(slightly obscured) password. I would consider this a pretty minor problem,
but still...
Comment 1 Jeremy Katz 2001-11-26 17:14:56 EST
We just use the stock ftplib.py from python... Trond?
Comment 2 Trond Eivind Glomsrxd 2001-12-06 11:48:37 EST
Does the development installer (with the new python) show it as well? Also,
wouldn't the best way to handle that be within the installer? (catch the
exception) It's a very useful debugging tool, so I don't think we should change
the default behaviour.
Comment 3 Michael Fulbright 2002-03-26 12:45:27 EST
Deferring to future release.
Comment 4 Red Hat Bugzilla 2006-02-21 13:48:10 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.