[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-bugs-dist
Subject: [Bug 69089] New: kmail debug output reveals IMAP password
From: Torsten Kasch <tk () Genetik ! Uni-Bielefeld ! DE>
Date: 2003-11-26 17:54:40
[Download RAW message or body]
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
http://bugs.kde.org/show_bug.cgi?id=69089
Summary: kmail debug output reveals IMAP password
Product: kmail
Version: unspecified
Platform: Compiled Sources
OS/Version: Solaris
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
AssignedTo: kmail@kde.org
ReportedBy: tk@Genetik.Uni-Bielefeld.DE
Version: (using KDE Devel)
Installed from: Compiled sources
Compiler: gcc version 2.95.3 20010315 (release)
OS: Solaris
KMail's debug output writes my IMAP password to ~/.xsession-errors; I've found lots \
of lines like the following:
kmail: KMFolderImap::checkValidity of: imaps://tk:MyPasword@imap.my.domain:993/....
(I had to obscure this line for obvious reasons)
I consider this quite critical; not even debug output should write any passwords in \
clear to a file...
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic