Project

General

Profile

Bug #90

closed

Using /quote pass logs the server passwords

Added by Anonymous almost 12 years ago. Updated almost 12 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
-
Target version:
Start date:
08/09/2008
Due date:
% Done:

0%

Estimated time:
Operative System:
All
Regression:

Description

With activated logging, using the /quote pass command, for example on bouncers, logs their respective passwords in the local logfiles. If someone other than the authorized user had access to those logfiles, he/she could make unauthorized use of password protected servers. I suggest turning logging off for the raw PASS command.

#1

Updated by Per Amundsen almost 12 years ago

  • Status changed from New to Assigned
  • Assignee set to Per Amundsen
  • Target version set to 1.8

Good catch, thank you.

#2

Updated by Per Amundsen almost 12 years ago

  • Status changed from Assigned to Resolved

Replaced password with fixed **

It will still show up in rawlog, for debug purpose, but rawlog is not logged to disk, or shown unless you open it yourself.

#3

Updated by Per Amundsen almost 12 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF