[ZBX-15767] Clear text bind password in ldap authentication Created: 2019 Mar 05  Updated: 2019 Mar 05  Resolved: 2019 Mar 05

Status: Closed
Project: ZABBIX BUGS AND ISSUES
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Incident report Priority: Major
Reporter: Luca Di SIlverio Assignee: Edgar Akhmetshin
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates ZBXNEXT-1660 Wallet for application credentials Closed
is duplicated by ZBX-15765 Clear text bind password in ldap auth... Closed

 Description   

Steps to reproduce:

  1. Config Ldap aithentication with bind password
  2. By cli run "SELECT * FROM CONFIG"

Result:

In "ldap_bind_password" field inside "config" table password remain visible.

Expected:
In "ldap_bind_password" field MD5 value 

 Comments   
Comment by Edgar Akhmetshin [ 2019 Mar 05 ]

Hello Luca,

Thank you for reporting the issue. The requested functionality is already registered under ZBXNEXT-1660, so we will close this ticket and continue the discussion there. Feel free to follow the original case and vote for it. Solution suggested by radix if we just talk about sensitive data in DB/tables - encrytion is implemented in MySQL 5.7 and 8.0 . RDBMS supports table space encryption as out-of-the box. Just enable keyring plugin and alter table

ALTER TABLE t1 ENCRYPTION='Y';
Comment by Luca Di SIlverio [ 2019 Mar 05 ]

Thanks Edgar, is there a solution form PostgreSQL?

Generated at Fri Apr 26 23:38:26 EEST 2024 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.