Bug #90
closedUsing /quote pass logs the server passwords
Start date:
08/09/2008
Due date:
% Done:
0%
Estimated time:
Operative System:
All
Regression:
Description
With activated logging, using the /quote pass command, for example on bouncers, logs their respective passwords in the local logfiles. If someone other than the authorized user had access to those logfiles, he/she could make unauthorized use of password protected servers. I suggest turning logging off for the raw PASS command.
Updated by Per Amundsen over 16 years ago
- Status changed from New to Assigned
- Assignee set to Per Amundsen
- Target version set to 1.8
Good catch, thank you.
Updated by Per Amundsen over 16 years ago
- Status changed from Assigned to Resolved
Replaced password with fixed **
It will still show up in rawlog, for debug purpose, but rawlog is not logged to disk, or shown unless you open it yourself.
Updated by Per Amundsen over 16 years ago
- Status changed from Resolved to Closed