Type |
Bug
|
Priority |
Normal
|
Assignee | |
RedmineID |
7495
|
Version |
tigase-server-8.0.0
|
Spent time |
12h 30m
|
Issue Votes (0)
Watchers (0)
Type |
Bug
|
Priority |
Normal
|
Assignee | |
RedmineID |
7495
|
Version |
tigase-server-8.0.0
|
Spent time |
12h 30m
|
Cross-index this issue with our GDPR efforts...
tigase.log.0 contains FINEST lines like this:
2018-02-15 21:50:35.145 [in_14-message-router] MessageRouter.processPacket() FINEST: Processing packet: from=http@oboe/9f3998bf-7da8-46a8-bc39-2940022234f2, to=null, DATA=<iq id="2ccc96fc-6248-4f1d-882b-4afe4e771806" to="sess-man@localhost" from="admin@localhost" type="set"><command node="http://jabber.org/protocol/admin#add-user" xmlns="http://jabber.org/protocol/commands"><x type="submit" xmlns="jabber:x:data"><field var="FORM_TYPE"><value>http://jabber.org/protocol/admin</value></field><field var="accountjid"><value>ablongo@localhost</value></field><field var="password"><value>ablongo</value></field><field var="password-verify"><value>ablongo</value></field><field var="email"><value>ablongo@tigase.net</value></field></x></command></iq>, SIZE=577, XMLNS=null, PRIORITY=NORMAL, PERMISSION=ADMIN, TYPE=set
That's from the Ad-Hoc command "add-user", which we are not using, but there could be other passwords in there. The file
tigase-console.log
also contains theadmin-password
.This issue could be high-priority if %kobit says it is...
config.tdsl