Project

General

Profile

Feature #1575

User Passwords are stored in Cleartext

Added by Thomas Zelch almost 12 years ago. Updated about 10 years ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
API
Target version:
-
Start date:
2013-01-28
Due date:
% Done:

0%

Estimated time:

Description

Hi,

First off thanks for the great work on tvheadend, it made huge steps the last couple of months!

I have just realized that tvheadend is saving all users passwords in Cleartext into Files in the .hts Directory.
I know that the Filesystem Permissions are correct and only Root or the HTS User can read the Files and therefor the passwords,
but i still think it would be good to implement some kind of rudimentary encryption of the passwords.

Thanks in advance!

History

#1

Updated by Adam Sutton almost 12 years ago

  • Tracker changed from Bug to Feature
  • Category set to General
  • Status changed from New to Accepted

I've been thinking the same for some time, mainly because I stupidly included my own config (though with dummy passwords) in a release tarball.

But I don't think can be considered a bug as it was a design decision to keep things simple. So moving to FR, but I do agree this could/should be changed.

Adam

#2

Updated by Adam Sutton almost 11 years ago

  • Category changed from General to API
#3

Updated by Sam Stenvall about 10 years ago

Hasn't this been fixed recently?

#4

Updated by Mark Clarkstone about 10 years ago

  • Status changed from Accepted to Fixed

I believe so too, marking as fixed.

Also available in: Atom PDF