Bug #3313

Security: Log

Added by raztoki over 8 years ago. Updated over 6 years ago.

Status:Waiting for FeedbackStart date:04/18/2011
Priority:UrgentDue date:
Assignee:jiaz% Done:

100%

Category:-
Target version:030 - Version > 2.xxx
Resolution:Wont Fix

Description

about:
users are unaware that their premium account username and passwords can be shown as raw text. Uploading these to public pastebin websites/or hosters in form jdownloader.log exposes them. These public hosting services usually have long life spans, and on occasions unable to remove content. Users tend to use the same usernames and passwords on multiple websites/services (sorry everyone does it, regardless of security implications known or unknown.)

how to fix:
either disable copy paste functions, right click cut/copy and ctrl+x/c force users to only use jdownloader's hosted pastebin service as 'trusted'

or

provide a warning window informing users of risk apon these copy functions.


Related issues

Related to Feature #4149: Grouping: Logging related bugs and features New 01/17/2012

Also available in: Atom PDF