Open weca-theo opened 1 year ago
Database credentials also exposed in plain sight in the QGIS message splash:
Can we at least remove the password string from these kinds of messages?
Appreciate this is technically a feature request rather than a bug, but as it poses a security risk could the suggested changes above be implemented as a priority? I see no need for passwords to be exposed in this way at all.
What is the bug or the crash?
QGIS 3.22.8
If loading up a QGIS project file whilst your connection to a database is broken, or if you lose database connection whilst browsing QGIS, QGIS will show an 'Enter Credentials' prompt which exposes all Database credentials. Tested only with PostgreSQL.
Sure, the credentials are stored in my project using the 'Basic' method, and can be discovered in plain text within the .qgs file or within the 'Edit PostGIS Connection' settings, but a light/novice user won't dig that deep. Ultimately, the credentials shouldn't be so easily exposed simply due to a loss of network connection to the DB. At the very least could the prompt hide the password string?
In my example, these particular credentials are for a read-only role, so risk is low. But it still seems like this exposure issue should be fixed.
Steps to reproduce the issue
Open a project containing a PostgreSQL/PostGIS layer, then disconnect from your network. Now observe credentials being exposed.
Versions
QGIS version 3.22.8-Białowieża
QGIS code revision 8d5e9761df
Qt version 5.15.3
Python version 3.9.5
GDAL/OGR version 3.5.0
PROJ version 9.0.1
EPSG Registry database version v10.064 (2022-05-19)
GEOS version 3.10.3-CAPI-1.16.1
SQLite version 3.38.1
PDAL version 2.3.0
PostgreSQL client version 14.3
SpatiaLite version 5.0.1
QWT version 6.1.6
QScintilla2 version 2.13.1
OS version Windows 10 Version 2009

Active Python plugins
QGIS3-getWKT 1.4
QuickWKT 3.1
db_manager 0.1.20
processing 2.12.99
Supported QGIS version
New profile
Additional context
No response
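
The issue notes that 'Basic' credentials sit in plain text in the .qgs file. As an added example (not part of the issue and not QGIS code), this audit sketch lists layers whose datasource string embeds a password and shows the string with the password masked. It assumes the usual `<maplayer>/<datasource>` layout with `key='value'` pairs; the sample project fragment and all its values are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample .qgs fragment; hostnames, names and secrets are placeholders.
SAMPLE_QGS = """<qgis version="3.22.8">
  <projectlayers>
    <maplayer>
      <layername>parcels</layername>
      <datasource>dbname='gis' host=db.example.org port=5432 user='reader' password='s3cr3t pw' sslmode=disable key='id' table="public"."parcels" (geom)</datasource>
      <provider>postgres</provider>
    </maplayer>
    <maplayer>
      <layername>roads</layername>
      <datasource>dbname='gis' host=db.example.org port=5432 authcfg=a1b2c3d key='id' table="public"."roads" (geom)</datasource>
      <provider>postgres</provider>
    </maplayer>
  </projectlayers>
</qgis>"""

# Assumption: the value is either single-quoted (backslash escapes allowed,
# spaces allowed) or a bare token that ends at the next whitespace.
PASSWORD_RE = re.compile(r"\bpassword=('(?:[^'\\]|\\.)*'|\S+)")

def redact(datasource):
    """Return the datasource string with any password value masked."""
    return PASSWORD_RE.sub("password='***'", datasource)

def find_embedded_passwords(qgs_xml):
    """Return (layer name, redacted datasource) for layers storing a password."""
    findings = []
    root = ET.fromstring(qgs_xml)
    for layer in root.iter("maplayer"):
        ds = layer.findtext("datasource") or ""
        if PASSWORD_RE.search(ds):
            findings.append((layer.findtext("layername"), redact(ds)))
    return findings

if __name__ == "__main__":
    # Only the redacted form is printed, so the report itself leaks nothing.
    for name, ds in find_embedded_passwords(SAMPLE_QGS):
        print(f"{name}: {ds}")
```

A .qgz project is a zip archive, so the contained .qgs has to be extracted before passing its text to `find_embedded_passwords`.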