From 433ab8e6d309a2174c5b523f3a6c354f14f61587 Mon Sep 17 00:00:00 2001
From: Robert Lyon
Date: Tue, 23 May 2017 14:12:50 +1200
Subject: [PATCH] Bug 1692749: Security: Stop event log having plain text passwords
This patch only deals with:
1) removing passwords from existing event_log table data
2) stopping the recording of passwords into the event_log table
3) sets the reset password on next login for those users
It doesn't deal with removing the unnecessary cruft information that will be handled by the bug 1692385
behatnotneeded
Change-Id: Id29148f78fa6918f5f5afcb89d211ccb3b60c95b
Signed-off-by: Robert Lyon
---
 htdocs/lib/db/upgrade.php | 25 +++++++++++++++++++++++++
 htdocs/lib/mahara.php | 3 +++
 htdocs/lib/version.php | 2 +-
 3 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/htdocs/lib/db/upgrade.php b/htdocs/lib/db/upgrade.php
index 56744873db..ca576aa4f3 100644
--- a/htdocs/lib/db/upgrade.php
+++ b/htdocs/lib/db/upgrade.php
@@ -4975,5 +4975,30 @@ function xmldb_core_upgrade($oldversion=0) {
 }
 }
 
+ if ($oldversion < 2017052300) {
+ if ($records = get_records_sql_array("SELECT event, data, time FROM {event_log} WHERE event = ?", array('createuser'))) {
+ log_debug('Remove sensitive data from event_log');
+ $count = 0;
+ $limit = 1000;
+ $total = count($records);
+ foreach ($records as $record) {
+ $where = clone $record;
+ $data = json_decode($record->data);
+ if (isset($data->password)) {
+ unset($data->password);
+ $cleandata = json_encode($data);
+ $record->data = $cleandata;
+ update_record('event_log', $record, $where);
+ set_field('usr', 'passwordchange', 1, 'username', $data->username);
+ }
+ $count++;
+ if (($count % $limit) == 0 || $count == $total) {
+ log_debug("$count/$total");
+ set_time_limit(30);
+ }
+ }
+ }
+ }
+
 return $status;
}
diff --git a/htdocs/lib/mahara.php b/htdocs/lib/mahara.php
index f6c514b5cf..918519d5e1 100644
--- a/htdocs/lib/mahara.php
+++ b/htdocs/lib/mahara.php
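Review bot: The backfill only scrubs rows where `event = 'createuser'`, while the companion change in handle_event strips `password` from every object payload, so any other event type that ever logged a user object keeps its plaintext password in event_log; confirm the scope against the event types in use, or widen the SELECT to every row whose data carries a password key. `set_field('usr', 'passwordchange', 1, 'username', $data->username)` assumes the decoded payload has a `username` property; guard it with `if (isset($data->username))` so a malformed record does not issue an update keyed on a null username (what set_field does with null is not visible here). `$where` is a clone of the unscrubbed record, so the plaintext password travels back into the UPDATE as a bound parameter, which is fine against injection but would surface in any database-level query logging that happens to be enabled during the upgrade. `get_records_sql_array` also loads every createuser row into memory at once; `$limit` only paces the debug output and `set_time_limit`, it does not batch the query, which may matter on large sites. The enclosing xmldb_core_upgrade begins outside the hunk.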
@@ -1869,6 +1869,9 @@ function handle_event($event, $data) {
 );
 }
 else if (is_object($data)) {
+ if (isset($data->password)) {
+ unset($data->password);
+ }
 $data = (array)$data;
 }
 else if (is_numeric($data)) {
diff --git a/htdocs/lib/version.php b/htdocs/lib/version.php
index 6ce19b6da1..be6d5611b5 100644
--- a/htdocs/lib/version.php
+++ b/htdocs/lib/version.php
@@ -16,7 +16,7 @@ $config = new stdClass();
 
 // See https://wiki.mahara.org/wiki/Developer_Area/Version_Numbering_Policy
 // For upgrades on stable branches, increment the version by one. On master, use the date.
-$config->version = 2017051100;
+$config->version = 2017052300;
 $config->series = '17.10';
 $config->release = '17.10dev';
 $config->minupgradefrom = 2012080604;
-- 
GitLab
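Review bot: `unset($data->password)` mutates the object the caller passed in, since PHP passes objects by handle, so the caller's user object loses its password once `handle_event` returns; whether any caller reads it afterwards is not visible here. Stripping from the array copy avoids that side effect: `$data = (array)$data;` followed by `unset($data['password']);` (the `isset` guard is unnecessary, as unset of a missing key is a no-op). The strip also lives only in the is_object branch; if an array payload with a `password` key can reach this function through the branch above, it would still be logged. handle_event continues outside the hunk, so what consumes `$data` afterwards, event subscribers included, cannot be checked from here; any subscriber that needed the password no longer receives it, and the commit message does not mention that.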