Opened 9 years ago

Closed 9 years ago

#16874 closed Cleanup/optimization (wontfix)

Security issue: stores password+username in plain-text

Reported by: AlecTaylor Owned by: nobody
Component: Core (Other) Version: master
Severity: Normal Keywords:
Cc: Triage Stage: Design decision needed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


Good evening,

I've just begun learning DJango when I noticed stores password+username in plain-text.

Please fix this (i.e. by implementing something with PyOpenSSL or I can write a frontend in C++)


Alec Taylor

Change History (2)

comment:1 Changed 9 years ago by Aymeric Augustin

Component: Database layer (models, ORM)Core (Other)
Severity: Release blockerNormal
Triage Stage: UnreviewedDesign decision needed
Type: UncategorizedCleanup/optimization is a regular python file, you can implement the password loading mechanism that best suits your needs. However, I think it's unrealistic to try to develop a one-size-fits-all password storage mechanism. There are too many uses of Django.

The (POSIX) user under which the application runs needs access to the password anyway, so it's hard to provide much more security than chowning to this user and chmodding to 400.

Marking as DDN, but I think core devs will say "wontfix".

Thanks for the suggestion!

comment:2 Changed 9 years ago by Russell Keith-Magee

Resolution: wontfix
Status: newclosed
  1. First off, *PLEASE* don't report security issues to Trac. If you think you have found a security issue, it should be reported to security@…, just like it says on the new ticket page.
  1. Like aaugustin says, this isn't a security issue. If an attacker is in a position where they can read your file, the battle is already lost.
  1. If you still want to use a different authentication method, you have that flexibility. The only part of that specifies a username and password is the database backend, and they are plugabble, so you can implement your own backend with your own authentication method if you want.

If you implement a pluggable backend with a custom authentication scheme and want to contribute it to trunk, we *might* consider adding it to trunk (depending on complexity, efficacy, etc), but otherwise, having this as an open ticket won't actually progress anything. Marking wontfix, as aaugustin suggested.

Note: See TracTickets for help on using tickets.
Back to Top