COUCHDB-2364

plaintext admin password remains visible if there are two [admin] sections

Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Won't Fix
    • Component/s: Database Core
    • Sprint: 3.2/4.2 Sprint

    Description

      How to reproduce:

      1. Make a local.ini document with two [admin] sections, and the user = password line in the second one, as the dev/run script did as of GitHub commit d3094366b6775e7a54:

      ```
      [admins]
      ;admin = mysecretpassword

      [admins]
      candeira = candeira
      ```
      2. CouchDB process will not replace the plaintext password, but merely edit in the hashed password under the first [admin] section, and leave the second one unchanged:

      ```
      [admins]
      ;admin = mysecretpassword
      candeira = -pbkdf2-a64e124a06c9c287d5b6ce260cd9c3da4049fe2d,28ea667261c84a53a5f1d92e83f2976d,10

      [admins]
      candeira = candeira
      ```

            People

              Assignee: Unassigned
              Reporter: Javier Candeira (candeira)
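A check for the condition described in this report, as an added example (not code from the reporter or the CouchDB project): it walks a local.ini line by line so that repeated [admins] sections are inspected separately, and flags any admin value that lacks a hash prefix. The function name, the constructed sample, and the inclusion of the older `-hashed-` prefix alongside the `-pbkdf2-` prefix shown in the report are assumptions of this example.

```python
import re

# Prefixes CouchDB writes in front of a hashed admin password. "-pbkdf2-" is
# the form shown in the report; "-hashed-" is the older salted-SHA1 form.
HASHED_PREFIXES = ("-pbkdf2-", "-hashed-")
SECTION_RE = re.compile(r"^\[([^\]]+)\]\s*$")


def find_plaintext_admins(ini_text):
    """Return (line_no, admins_block_no, user) for every un-hashed admin entry.

    Sections are walked one by one instead of being merged, so a second
    [admins] block is checked separately from the first.
    """
    findings = []
    section = None
    admins_seen = 0  # how many [admins] headers have been read so far
    for line_no, raw in enumerate(ini_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment; commented-out entries are skipped
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1).strip()
            if section == "admins":
                admins_seen += 1
            continue
        if section != "admins" or "=" not in line:
            continue
        user, value = (part.strip() for part in line.split("=", 1))
        if not value.startswith(HASHED_PREFIXES):
            findings.append((line_no, admins_seen, user))
    return findings


# Constructed sample: the local.ini contents shown in step 2 of the report.
SAMPLE_AFTER_START = """\
[admins]
;admin = mysecretpassword
candeira = -pbkdf2-a64e124a06c9c287d5b6ce260cd9c3da4049fe2d,28ea667261c84a53a5f1d92e83f2976d,10

[admins]
candeira = candeira
"""

if __name__ == "__main__":
    for line_no, block, user in find_plaintext_admins(SAMPLE_AFTER_START):
        print(f"line {line_no}: [admins] block #{block}: plaintext password for {user!r}")
```

A parser that merges duplicate sections (for example Python's `configparser` with `strict=False`) lets a later value for the same key overwrite the earlier one, so it cannot report which [admins] block a plaintext entry sits in; that is why this check reads the file by line.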