Issue #2419: ipautil.run's nolog allows a bare string - freeipa

freeipa

#2419 ipautil.run's nolog allows a bare string

Closed: Fixed None Opened 12 years ago by pviktori.

It's an easy programming mistake to pass a string instead of a
tuple to ipautil.run. If this is done each individual character
of the password will be replaced in the log individually. For example:

You will be prompXXXXXXXXed for XXXXXXXXhe daXXXXXXXXabase MasXXXXXXXXer
Password.
XXXXXXXXXXXXXXXX is imporXXXXXXXXaXXXXXXXXXXXXXXXX XXXXXXXXhaXXXXXXXX
you NOT FOXXXXXXXXGET XXXXXXXXhis password.

The function should check that it's not being passed a bare string.

rcritten commented 12 years ago

master: a09063c

ipa-2-2: 0b8847e

Metadata Update from @pviktori:
- Issue assigned to pviktori
- Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/02

7 years ago

Metadata

Assignee

pviktori

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 2.2 Core Effort - 2012/02

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#2419 ipautil.run's nolog allows a bare string Closed: Fixed None Opened 12 years ago by pviktori.

Metadata

#2419 ipautil.run's nolog allows a bare string

Closed: Fixed None Opened 12 years ago by pviktori.