Bug 17862 - Repository-Passwörter stehen im Klartext in UCR-Variablen
Repository-Passwörter stehen im Klartext in UCR-Variablen
Status: RESOLVED WONTFIX
Product: UCS
Classification: Unclassified
Component: Update - Repository administration
UCS 2.4
Other Linux
: P3 normal with 2 votes (vote)
: UCS 3.x
Assigned To: UCS maintainers
:
Depends on:
Blocks: 41102
  Show dependency treegraph
 
Reported: 2010-03-11 11:58 CET by Jan Christoph Ebersbach
Modified: 2018-04-14 13:51 CEST (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jan Christoph Ebersbach univentionstaff 2010-03-11 11:58:55 CET
Passwörter für Paket-Repositories müssen momentan im Klartext in UCR-Variablen hinterlegt werden, um den automatische Updater-Mechanismus nutzen zu können, z.B:

repository/online/component/COMPONENT/password=PASSWORD

Es sollte eine alternative UCR-Variable ../passwordfile=FILE geben, aus der der Updater das Passwort ausliest.
Comment 1 Stefan Gohmann univentionstaff 2016-04-25 07:52:05 CEST
This issue has been filed against UCS 2.4.

UCS 2.4 is out of maintenance and many UCS components have vastly changed in
later releases. Thus, this issue is now being closed.

If this issue still occurs in newer UCS versions, please use "Clone this bug".
In this case please provide detailed information on how this issue is affecting
you.