[MXS-4681] Encrypted passwords are persisted in plaintext - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.26, 6.4.7, 22.08.6, 23.02.1
Fix Version/s: 2.5.28, 6.4.9, 22.08.8, 23.02.3
Component/s: Core
Labels:
None
Environment:
Centos 7

Description

adding a service in maxscale with dynamic change is necessary to add the user and password. Passing the Encrypted password to the command, end up to confirm the service has been created but the password on the /var/lib/maxscale/maxscale.cnf.d/Read-Service.cnf end up to show store as clear password.

maxctrl create service Read-Service readconnroute user=service_user password=2KVMANFl502A2398E42A8C670825770EED948CCBD764E1B67......
OK

cat Read-Service.cnf
[Read-Service]
router_options=slave
password=This_is_my_pwd_clear
router=readconnroute
type=service
user=service_user

So the encryption is already on. There are few things to clear and update on the documentation as well:

can i pass the encrypted pwd ?
can i pass the clear pwd?
how maxscale undestant if the pwd i am passing is the encrypted or not
for sure if the encrypted is on, the file should not store the clear password

Attachments

Activity

People

Assignee:: markus makela

Reporter:: Massimo

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2023-07-25 07:30

Updated:: 2024-01-04 12:46

Resolved:: 2023-08-03 09:43

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.