[8.920][ANSWERED] Changed tamper protection password, showed in plain text

Hi Sophos E.P. beta testers,

I just realized that after changing the default Tamper Protection password on the Endpoint Protection tab, the new password is visible in plain text in the E.P. log file.

A user with an auditor role, could browse the logfiles and search for this password... [;)]

[FONT="Lucida Console"][SIZE="1"]2012:04:05-12:58:24 asgtest9 epsecd[11477]: T main::top-level:47() => Epsecd starting
2012:04:05-12:58:30 asgtest9 epsecd[11477]: T Epsec::Helpers::Client::init_db:341() => Run initialization database
2012:04:05-13:01:16 asgtest9 epsecd[11477]: >=========================================================================
2012:04:05-13:01:16 asgtest9 epsecd[11477]: T Epsec::Logic::Client::_command:217() => Confd changes:$VAR1 = {
2012:04:05-13:01:16 asgtest9 epsecd[11477]: 'trigger' => {},
2012:04:05-13:01:16 asgtest9 epsecd[11477]: 'objects' => {},
2012:04:05-13:01:16 asgtest9 epsecd[11477]: 'main' => {
2012:04:05-13:01:16 asgtest9 epsecd[11477]: 'epp->tamper_password' => 'my_new_password'
2012:04:05-13:01:16 asgtest9 epsecd[11477]: },
2012:04:05-13:01:16 asgtest9 epsecd[11477]: 'exclusive' => {}
2012:04:05-13:01:16 asgtest9 epsecd[11477]: };[/SIZE][/FONT]

0 cziel over 13 years ago

Hi suzzyx,

transmitting the tamper password protection in the clear will change in the following weeks. You won't get anything in the logs related to the actual password (hashed or not).
I can't give you a Mantis ID for this issue, because it's part of another Mantis ID which has some other dependencies. But I assure you it's taken care of.

The thread will be closed as ANSWERED.

Cheers,
Cristof
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel