Opened 11 years ago
Closed 10 years ago
#1787 closed enhancement (fixed)
Protect sensitive data from being loaded by the Metadata class
| Reported by: | Nicklas Nordborg | Owned by: | everyone |
|---|---|---|---|
| Priority: | major | Milestone: | BASE 3.3 |
| Component: | core | Version: | |
| Keywords: | Cc: |
Description
The Metadata class can be used to load data from the database using reflection on the data layer objects. However, in #1784 it was discovered that some properties may contain sensitive data that has higher protection than other data (eg. change history logs). A solution was implemented as part of that ticket (see [6355]). The same protection should be applied to some other properties:
- Passwords (they are encrypted, but usually not readable by anyone)
- Internal file name (is for internal use only)
Change History (3)
comment:1 by , 11 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
comment:2 by , 10 years ago
| Resolution: | fixed |
|---|---|
| Status: | closed → reopened |
There is also some information in the FileServerData class that need protection:
- Password
- Client certificate
- Client certificate password
comment:3 by , 10 years ago
| Resolution: | → fixed |
|---|---|
| Status: | reopened → closed |
Note:
See TracTickets
for help on using tickets.
(In [6356]) Fixes #1787: Protect sensitive data from being loaded by the Metadata class