Closed jnweiger closed 10 months ago
I mean, these are personal settings. We have this logic in other parts of the code, and agreed it is legacy, but it is not worth the effort to refactor it. Also I am not sure if I have the right skillset for this.
The reason is, you do not want someone to accidentally overwrite the key.
I agree, it is important to clearly show if the key is already set, or if it is unset. But I am worried about security aspects here.
Also, in the database, the key is stored unencrypted. So all system admins / backup operators have immediate access.

```
MariaDB [owncloud]> select * from oc_preferences;
+--------+----------------+---------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| userid | appid          | configkey           | configvalue                                                                                                                                                                                                                              |
+--------+----------------+---------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin  | richdocuments  | zoteroAPIPrivateKey | 79870870987098709870987098709870987098709870987098709870987098709870987098709870987098709870987098709870987098709870987098709870987098709870987098709870987098709879870987098709870987098709870987098709870987098709870987098709870987 |
```
@jnweiger Same with WOPI tokens. This info is not user-password-like, and should be accessible to administrators, the same as with config files for ownCloud.
Fixed in #529 - personal settings page no longer exposes the key.
Seen with richdocuments-4.1.0-rc.1