Bug 226783 - Do not store password for external mysql server in plaintext
Summary: Do not store password for external mysql server in plaintext
Status: REPORTED
Alias: None
Product: Akonadi
Classification: Frameworks and Libraries
Component: general (show other bugs)
Version: 4.4
Platform: Slackware Unspecified
: NOR wishlist
Target Milestone: ---
Assignee: Volker Krause
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-02-14 11:31 UTC by Heinz Wiesinger
Modified: 2021-03-09 16:30 UTC (History)
3 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Heinz Wiesinger 2010-02-14 11:31:53 UTC 
Version:            (using KDE 4.4.0)
Installed from:    Slackware Packages

If one uses an external mysql server for akonadi, the password for the user accessing that server is stored as plaintext in ~/.config/akonadi/akonadiserverrc. This is very bad from a security perspective and should be changed.
Comment 1 Matěj Laitl 2010-06-22 21:29:02 UTC 
Yup, storing it in kwallet would be much more secure while almost equally convenient.
Comment 2 Martin Tlustos 2014-05-08 14:37:09 UTC 
Hello,
can you confirm that this problem still persists? If not, please close the bug as solved. Thank you.
Comment 3 Justin Zobel 2021-03-09 05:46:55 UTC 
Thank you for the bug report.

As this report hasn't seen any changes in 5 years or more, we ask if you can please confirm that the issue still persists.

If this bug is no longer persisting or relevant please change the status to resolved.
Comment 4 Heinz Wiesinger 2021-03-09 16:30:46 UTC 
Yes, password is still stored in plain text, but I don't think there's a UI anymore for configuring akonadi database settings. Without a UI, I assume it's gonna be difficult to put it anywhere else :-/