Shell should verify that user password is a string during user creation

XMLWordPrintableJSON

    • Type: Improvement
    • Resolution: Done
    • Priority: Major - P3
    • 2.7.0
    • Affects Version/s: 2.4.9, 2.6.0-rc2
    • Component/s: Shell
    • None
    • Minor Change
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      If the shell blindly accepts the password without checking the type, it will pass it into the md5 function which will coerce the password into a string. This could make it impossible to authenticate later if you are using an authentication mechanism where the password is digested server-side.

              Assignee:
              Spencer Brody (Inactive)
              Reporter:
              Spencer Brody (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: