Bug 6707 – SN password is saved to pref file in plain text.

Bug 6707 - SN password is saved to pref file in plain text.

Summary:

SN password is saved to pref file in plain text.

Status:	CLOSED FIXED

Product:	Logitech Media Server
Classification:	Unclassified
Component:	SqueezeNetwork Integration
Version:	7.0
Platform:	PC Windows Vista

Importance:	P2 normal (vote)
Target Milestone:	---
Assigned To:	Andy Grundman

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2008-01-21 14:57 UTC by Dan Evans
Modified:	2008-12-18 11:12 UTC (History)
CC List:	1 user (show)

See Also:
Category:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Dan Evans 2008-01-21 14:57:12 UTC

Seems insecure?

Comment 1 Mark Miksis 2008-01-21 21:28:18 UTC

Related to bug 4264

Comment 2 KDF 2008-01-22 20:47:21 UTC

a bit indirect, however.  we use crypt for other passwords in the prefs file, so we should be doing the same here.

Comment 3 Andy Grundman 2008-01-22 21:15:20 UTC

I'll fix it to store the password in SHA1.  The SN login method has been improved to not require a plaintext password to be sent, so no reason to keep it in plaintext.

Comment 4 Andy Grundman 2008-01-23 08:20:18 UTC

Fixed in change 16651.

Comment 5 Chris Owens 2008-03-07 09:03:28 UTC

This bug is being closed since it was resolved for a version which is now released!  Please download the new version of SqueezeCenter (formerly SlimServer) at http://www.slimdevices.com/su_downloads.html

If you are still seeing this bug, please re-open it and we will consider it for a future release.