[Pidgin] #3253: Linux Local Password Copying Exploit

Pidgin trac at pidgin.im
Fri Sep 21 09:13:48 EDT 2007


#3253: Linux Local Password Copying Exploit
---------------------------+------------------------------------------------
  Reporter:  bobbocanfly   |       Owner:  lschiere                                  
      Type:  defect        |      Status:  closed                                    
  Priority:  minor         |   Milestone:                                            
 Component:  unclassified  |     Version:  2.2.0                                     
Resolution:  invalid       |    Keywords:  security, passwords, easy, to, fix, base64
   Pending:  0             |  
---------------------------+------------------------------------------------
Changes (by deryni):

  * status:  new => closed
  * resolution:  => invalid

Comment:

 You need to have permissions to the file in order to read it, the
 permissions are what are supposed to protect it and if you can read it
 base64 isn't going to help anything, and neither will just about anything
 else one can do to it. There's a FAQ entry on this for a reason.
 http://developer.pidgin.im/wiki/Using%20Libpurple#Whyarepasswordsnotencrypted

-- 
Ticket URL: <https://developer.pidgin.im/ticket/3253#comment:1>
Pidgin <http://pidgin.im>
Pidgin


More information about the Tracker mailing list