Univention Bugzilla – Bug 48687
univention-join -verbose exposes admin password
Last modified: 2020-07-06 16:33:11 CEST
univention-join has the "-verbose" flag to enable verbose logging. This appears to be done by simply setting a "set -x" at the beginning of the script. Unfortunately this exposes the administrator password which is then written several times to the join.log file. This is no good, even not when being aware of it. "-verbose" should log verbose output without the password.