Uploaded image for project: 'Guacamole'
  1. Guacamole
  2. GUACAMOLE-1162

security in guacamole_user_attribute

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Trivial
    • Resolution: Duplicate
    • 1.2.0
    • None
    • guacamole-auth-jdbc-mysql
    • any
    • Patch, Important

    Description

      Hello,

      I've backuped a guacamole install 1.2.0 and sniffed in the .sql file.

      In the table guacamole_user_attribute, i've seen clear password in it.

      A suggestion would be to encrypt the parameter_value when parameter_name is equal to "password"

      Unless i'ts already done in 1.3.0?

      Thank you for your hard work.

      Attachments

        Issue Links

          duplicates

          New Feature - A new feature of the product, which has yet to be developed. GUACAMOLE-641 Support storage of sensitive data within key vaults

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              Unassigned Unassigned
              jlabegg jean louis abegg
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: