Last modified: 2012-08-31 08:29:37 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator; bug reports are now handled in Wikimedia Phabricator. This static page is a read-only historical copy of the bug report and its history. See T41184, the corresponding Phabricator task, for complete and up-to-date information on this bug.
Bug 39184 - Password data leakage when using external authentication
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
Component: General/Unknown
Version: 1.19.1
Hardware/OS: All / All
Priority/Severity: Unprioritized / normal
Target Milestone: 1.19.x release
Assigned To: Nobody - You can work on this!
Reported: 2012-08-09 00:40 UTC by Ryan Lane
Modified: 2012-08-31 08:29 UTC
CC: 5 users


Attachments
Patch to fix the issue in core. (1.60 KB, patch), posted 2012-08-09 00:45 UTC by Ryan Lane

Description Ryan Lane 2012-08-09 00:40:31 UTC
MediaWiki stores passwords in the local database under a number of circumstances. Auth plugins were taking steps to avoid this, but there are a number of ways in which core makes it impossible.

AuthPlugin should have a method that tells core whether it should or should not store the password locally.
Comment 1 Ryan Lane 2012-08-09 00:45:44 UTC
Created attachment 10944
Patch to fix the issue in core.
Comment 2 Ryan Lane 2012-08-31 01:31:55 UTC
If your MediaWiki installation doesn't allow local authentication, and only allows external authentication, then you should purge all passwords from your MediaWiki database:

UPDATE user SET user_password='';

If your installation has a mix of users that use local authentication and external authentication, you should purge the user_password field for the external users, but not for the local users. Unfortunately, there's no easy way to tell which users are external and which are local; you'll need to determine that yourself.
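The purge described in comment 2, worked through as an added example that is not part of the bug report and not MediaWiki code. It uses Python's sqlite3 module as a stand-in for the wiki's database; the `user` table contents and the LOCAL_USERS set are constructed for the example, since, as the comment says, MediaWiki itself records nothing that distinguishes local from external accounts. For the mixed case it inverts the problem: rather than listing the external accounts to purge, it lists the local accounts to keep, because an omission from that list only costs a local user a password reset, while an omission from a list of external accounts would leave that user's hash in the database, which is exactly the leak.

```python
import sqlite3

# Constructed sample of MediaWiki's `user` table, reduced to the columns this
# example needs. Names and hash strings are made up for illustration.
SAMPLE_USERS = [
    # (user_id, user_name, user_password)
    (1, "Alice", ":B:abc123:5f4dcc3b5aa765d61d8327deb882cf99"),
    (2, "Bob", ":B:def456:e99a18c428cb38d5f260853678922e03"),
    (3, "Carol", ""),  # external account whose password never reached the DB
    (4, "Dave", ":B:789abc:098f6bcd4621d373cade4e832627b4f6"),
]

# Accounts known to authenticate against the local database. This set is an
# assumption for the example: the operator has to produce it by hand, since
# MediaWiki keeps no record of which accounts are local and which are external.
LOCAL_USERS = {"Alice"}


def open_sample_db():
    """Build an in-memory database holding the constructed `user` table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE user ("
        " user_id INTEGER PRIMARY KEY,"
        " user_name TEXT NOT NULL UNIQUE,"
        " user_password TEXT NOT NULL DEFAULT '')"
    )
    conn.executemany("INSERT INTO user VALUES (?, ?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def users_with_stored_password(conn):
    """Names of accounts whose user_password field is non-empty.

    Run this before the purge to see what is stored, and after it to confirm
    that only the intended accounts still hold a hash."""
    rows = conn.execute(
        "SELECT user_name FROM user WHERE user_password <> '' ORDER BY user_name"
    )
    return [row[0] for row in rows]


def purge_all_passwords(conn):
    """External-only wiki: the UPDATE from comment 2, applied to every row."""
    conn.execute("UPDATE user SET user_password = ''")
    conn.commit()


def purge_external_passwords(conn, local_users):
    """Mixed wiki: clear every stored password except for accounts on the
    local-user allowlist. Returns the number of rows that were cleared."""
    names = sorted(local_users)
    sql = "UPDATE user SET user_password = '' WHERE user_password <> ''"
    if names:
        # Placeholders keep user names out of the SQL text itself.
        placeholders = ",".join("?" * len(names))
        sql += f" AND user_name NOT IN ({placeholders})"
    cur = conn.execute(sql, names)
    conn.commit()
    return cur.rowcount


if __name__ == "__main__":
    db = open_sample_db()
    print("before:", users_with_stored_password(db))
    print("cleared:", purge_external_passwords(db, LOCAL_USERS))
    print("after:", users_with_stored_password(db))
```

Against a real MediaWiki installation the same two statements run directly in MySQL, with the before/after SELECT serving as the check that the purge did what was intended. The bug report only discusses `user_password`; MediaWiki's `user` table also carries a `user_newpassword` column for temporary passwords, and whether it needs the same treatment on a given site is something the operator should verify rather than assume.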
Comment 3 Antoine "hashar" Musso (WMF) 2012-08-31 08:29:37 UTC
Unhiding patch since it was released publicly.
