It's an easy programming mistake to pass a string instead of a tuple to ipautil.run. If this is done each individual character of the password will be replaced in the log individually. For example:
ipautil.run
You will be prompXXXXXXXXed for XXXXXXXXhe daXXXXXXXXabase MasXXXXXXXXer Password. XXXXXXXXXXXXXXXX is imporXXXXXXXXaXXXXXXXXXXXXXXXX XXXXXXXXhaXXXXXXXX you NOT FOXXXXXXXXGET XXXXXXXXhis password.
The function should check that it's not being passed a bare string.
master: a09063c
ipa-2-2: 0b8847e
Metadata Update from @pviktori: - Issue assigned to pviktori - Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/02
Login to comment on this ticket.