8f69048 Bug 829213 - unhashed#user#password visible after changing password

8 files Authored by Noriko Hosoi 7 years ago , Committed by nhosoi 7 years ago ,
    Bug 829213 - unhashed#user#password visible after changing password
    
    https://bugzilla.redhat.com/show_bug.cgi?id=829213
    
    Bug Description: unhashed password is stored in the entry in memory
    when an entry/a password is added or the password is modified.
    The password could be visible by the ordinary search if the type
    "unhashed#user#password" is specified in the attribute list.
    
    Fix Description:
    1. Set "unhashed#user#password" to the forbidden attribute list,
       which is dropped from the search attribute list.
    2. Get effective right does not return "unhashed#user#password"
    3. In the modify operation, adding "unhashed#user#password" to or
       deleting "unhashed#user#password" from the entry never returns
       an error regardless of the attribute value.  Internally, the
       operation is ignored.
    
        
file modified
+8 -1
file modified
+37 -6
file modified
+25 -6
file modified
+17 -0
file modified
+9 -6