Password data leakage when using external authentication
Closed, ResolvedPublic
Actions

Assigned To

None

Authored By

	RyanLane
	Aug 9 2012, 12:40 AM

Description

MediaWiki stores passwords in the local database under a number of circumstances. Auth plugins were taking steps to avoid this, but there's a number of ways in which core makes it impossible.

AuthPlugin should have a method that tells core whether it should or should not store the password locally.

Version: 1.19.1
Severity: normal

Details

Reference: bz39184

Event Timeline

• bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 1:06 AM

• bzimport added projects: MW-1.19-release, MediaWiki-General.

• bzimport set Reference to bz39184.

• bzimport added a subscriber: Unknown Object (MLST).

RyanLane created this task.Aug 9 2012, 12:40 AM

Patch to fix the issue in core.

Attached:

fix_dataleakage.patch1 KBDownload

If your MediaWiki installation doesn't allow local authentication, and only allows external authentication, then you should purge all passwords from your MediaWiki database:

UPDATE user SET user_password='';

If your installation has a mix of users that use local authentication and external authentication you should purge the user_password field for the external users, but not for the local users. Unfortunately, there's no easy way to tell which users are external and which are local, you'll need to determine that yourself.

Unhiding patch since it got release publicly.

• csteipp added a project: acl*security.Mar 26 2015, 8:39 PM

• chasemp added a project: Security.Feb 10 2020, 10:53 PM

• chasemp removed a project: acl*security.Feb 20 2020, 8:14 PM

	F10072: fix_dataleakage.patch
	Nov 22 2014, 1:06 AM

Password data leakage when using external authenticationClosed, ResolvedPublicActions

Description

Details

Event Timeline

Password data leakage when using external authentication
Closed, ResolvedPublic
Actions