Closed Bug 36238 Opened 29 years ago Closed 18 years ago

SECKEY_ChangeKeyDBPassword() should not overwrite the key database

Categories

(NSS :: Libraries, defect, P3)

All
Other
defect

Tracking

(Not tracked)

RESOLVED WONTFIX
Future

People

(Reporter: repka, Assigned: julien.pierre)

Details

(This bug imported from BugSplat, Netscape's internal bugsystem. It was known there as bug #19614 http://scopus.netscape.com/bugsplat/show_bug.cgi?id=19614 Imported into Bugzilla on 04/18/00 16:16) ...until *after* a successful transformation has been done. (Otherwise, an error along the way means some whas changed and some wasn't.) ------- Additional Comments From jsw 07/11/96 01:22 ------- We will have to save this one for dogbert ------- Additional Comments From marek Apr-03-2000 18:05 ------- mass resolving LATER and REMIND bugs as WONTFIX (however, if you own one of these and have a fix that can be checked into 4.73 [assuming that you have QA lined up for it], please contact 4.73 project manager -- angelabu)
Old bug just moved from internal to bugzilla. Reopening so I can reassign it and comment on it.
URL:
Status: RESOLVED → UNCONFIRMED
Summary: SEC_ChangeKeyDBPassword() should not overwrite the key database → SECKEY_ChangeKeyDBPassword() should not overwrite the key database
Not sure who should own this bug, so assigning to relyea just so it doesn't get lost. If not fixed in current NSS, it should at least be done right in the reworking of the database stuff.
Assignee: jsw → relyea
Status: UNCONFIRMED → NEW
Ever confirmed: true
Looks like a potential 3.1 thing to investigate.
Status: NEW → ASSIGNED
Target Milestone: --- → 3.2
Version: unspecified → 3.0
Target Milestone: 3.2 → 3.3
Target Milestone: 3.3 → Future
This API is no longer exposed by NSS . Closing bug as INVALID.
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
The API is not directly exposed, but is still logically exposed if you do a change password (which calls NSC_SetPin). I'm pretty sure the key database is being changed in place. This could be dangerous because if something happens partway through the database change, there is no way to recover. This is an old bug, and hasn't been worked on because there are usually higher priorities, but this bug is still valid in the NSS 3.9 database. If you want to clear it off the plate, a better error code would be 'WONTFIX'. bob
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
QA Contact: libraries
Assignee: rrelyea → julien.pierre.boogz
Status: REOPENED → NEW
OK, WONTFIX it is, then.
Status: NEW → RESOLVED
Closed: 20 years ago18 years ago
Resolution: --- → WONTFIX
Writing for the dissenting justices :), Nelson wrote: This bug is not fixed by the new DB code either, IINM. So, I this this is a valid bug to fix. If we weren't in a resource crunch, I believe we would fix this. So, I'd be happier with it having very low priority rather than being "WONTFIX".
You need to log in before you can comment on or make changes to this bug.