119984 – groupdav resources stores (unused) password in clear text in .kde/share/config/kresources_groupwarerc

Bug 119984 - groupdav resources stores (unused) password in clear text in .kde/share/config/kresources_groupwarerc

Summary: groupdav resources stores (unused) password in clear text in .kde/share/confi...

Status:	RESOLVED UNMAINTAINED

Alias:	None

Product:	kresources
Classification:	Unmaintained
Component:	groupdav (show other bugs)
Version:	unspecified
Platform:	openSUSE Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-01-12 17:03 UTC by Sebastian Reitenbach
Modified:	2024-08-11 18:08 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Sebastian Reitenbach 2006-01-12 17:03:20 UTC

Version:            (using KDE KDE 3.5.0)
Installed from:    SuSE RPMs
OS:                Linux

the entered password in a groupdav resource configuration window is stored in clear text in the following file:
~/.kde/share/config/kresources_groupwarerc

due to security concerns this is in no way good, especially as it is not used anyway:
http://bugs.kde.org/show_bug.cgi?id=100451

suggestion: remove the password entry field from the groupdave resource configuration interface. The http password authentication will popup and ask for a password. If I want to save it, the kdewallet is used then.

Comment 1 Reinhold Kainhofer 2006-11-02 19:06:49 UTC

Reassigning all KOrganizer bug reports and wishes to the newly created 
korganizer-devel mailing list.

Comment 2 Christoph Cullmann 2024-08-11 18:08:27 UTC

Dear reporter, the resources handling got redone for KF5 and KF6 based PIM applications.

If you still encounter the issues you had in the past, please report them to the current maintained and updated PIM applications you use

Thanks a lot!