Univention Bugzilla – Bug 41105
Joinskript-Passwort in Prozessliste sichtbar
Last modified: 2019-02-18 17:00:03 CET
This is a security relevant issue that allows all users and processes to see the Administrator's password during system join and every other call of join scripts. +++ This bug was initially created as a clone of Bug #20611 +++ Derzeit ist das an Joinskripte übergebene Passwort in der Prozessliste sichtbar. Hier sollte (ggf. in Verbindung mit Bug 20610) geprüft werden, wie dies verhindert werden kann.
There is a Customer ID set so I set the flag "Enterprise Customer affected".
This issue has been filled against UCS 4.1. The maintenance with bug and security fixes for UCS 4.1 has ended on 5st of April 2018. Customers still on UCS 4.1 are encouraged to update to UCS 4.3. Please contact your partner or Univention for any questions. If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.
*** This bug has been marked as a duplicate of bug 46842 ***