SECKEY_ChangeKeyDBPassword() should not overwrite the key database

RESOLVED WONTFIX

Status

NSS
Libraries
P3
normal
RESOLVED WONTFIX
22 years ago
11 years ago

People

(Reporter: Lisa Repka, Assigned: Julien Pierre)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

18 years ago
(This bug imported from BugSplat, Netscape's internal bugsystem.  It
was known there as bug #19614
http://scopus.netscape.com/bugsplat/show_bug.cgi?id=19614
Imported into Bugzilla on 04/18/00 16:16)

...until *after* a successful transformation has been done.  (Otherwise,
an error along the way means some whas changed and some wasn't.)

------- Additional Comments From jsw  07/11/96 01:22 ------- 

We will have to save this one for dogbert

------- Additional Comments From marek  Apr-03-2000 18:05 ------- 

mass resolving LATER and REMIND bugs as WONTFIX (however, if you own one of 
these and have a fix that can be checked into 4.73 [assuming that you have QA 
lined up for it], please contact 4.73 project manager -- angelabu)
(Reporter)

Comment 1

18 years ago
Old bug just moved from internal to bugzilla.  Reopening so I can
reassign it and comment on it.
URL:
Status: RESOLVED → UNCONFIRMED
Summary: SEC_ChangeKeyDBPassword() should not overwrite the key database → SECKEY_ChangeKeyDBPassword() should not overwrite the key database
(Reporter)

Comment 2

18 years ago
Not sure who should own this bug, so assigning to relyea just so it
doesn't get lost.  If not fixed in current NSS, it should at least be
done right in the reworking of the database stuff.
Assignee: jsw → relyea

Updated

18 years ago
Status: UNCONFIRMED → NEW
Ever confirmed: true

Comment 3

18 years ago
Looks like a potential 3.1 thing to investigate.
Status: NEW → ASSIGNED

Updated

18 years ago
Target Milestone: --- → 3.2
Version: unspecified → 3.0

Updated

18 years ago
Target Milestone: 3.2 → 3.3

Updated

17 years ago
Target Milestone: 3.3 → Future
(Assignee)

Comment 4

14 years ago
This API is no longer exposed by NSS . Closing bug as INVALID.
Status: ASSIGNED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → INVALID

Comment 5

14 years ago
The API is not directly exposed, but is still logically exposed if you do a
change password (which calls NSC_SetPin). I'm pretty sure the key database is
being changed in place. This could be dangerous because if something happens
partway through the database change, there is no way to recover.

This is an old bug, and hasn't been worked on because there are usually higher
priorities, but this bug is still valid in the NSS 3.9 database.

If you want to clear it off the plate, a better error code would be 'WONTFIX'.

bob
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
QA Contact: libraries
(Assignee)

Updated

11 years ago
Assignee: rrelyea → julien.pierre.boogz
Status: REOPENED → NEW
(Assignee)

Comment 6

11 years ago
OK, WONTFIX it is, then.
Status: NEW → RESOLVED
Last Resolved: 14 years ago11 years ago
Resolution: --- → WONTFIX
Writing for the dissenting justices :), Nelson wrote: 

This bug is not fixed by the new DB code either, IINM.  
So, I this this is a valid bug to fix.  
If we weren't in a resource crunch, I believe we would fix this.
So, I'd be happier with it having very low priority rather than
being "WONTFIX".
You need to log in before you can comment on or make changes to this bug.