Closed Bug 36238 Opened 28 years ago Closed 17 years ago

SECKEY_ChangeKeyDBPassword() should not overwrite the key database

Categories

(NSS :: Libraries, defect, P3)

Product:
NSS
Component:
Libraries
Platform:
All
Other
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX
Milestone:
Future

People

(Reporter: repka, Assigned: julien.pierre)

Details

(This bug imported from BugSplat, Netscape's internal bugsystem.  It
was known there as bug #19614
http://scopus.netscape.com/bugsplat/show_bug.cgi?id=19614
Imported into Bugzilla on 04/18/00 16:16)

...until *after* a successful transformation has been done.  (Otherwise,
an error along the way means some whas changed and some wasn't.)

------- Additional Comments From jsw  07/11/96 01:22 ------- 

We will have to save this one for dogbert

------- Additional Comments From marek  Apr-03-2000 18:05 ------- 

mass resolving LATER and REMIND bugs as WONTFIX (however, if you own one of 
these and have a fix that can be checked into 4.73 [assuming that you have QA 
lined up for it], please contact 4.73 project manager -- angelabu)

Old bug just moved from internal to bugzilla.  Reopening so I can
reassign it and comment on it.
URL:
Status: RESOLVED → UNCONFIRMED
Summary: SEC_ChangeKeyDBPassword() should not overwrite the key database → SECKEY_ChangeKeyDBPassword() should not overwrite the key database
Not sure who should own this bug, so assigning to relyea just so it
doesn't get lost.  If not fixed in current NSS, it should at least be
done right in the reworking of the database stuff.
Assignee: jsw → relyea
Status: UNCONFIRMED → NEW
Ever confirmed: true
Looks like a potential 3.1 thing to investigate.
Status: NEW → ASSIGNED
Target Milestone: --- → 3.2
Version: unspecified → 3.0
Target Milestone: 3.2 → 3.3
Target Milestone: 3.3 → Future
This API is no longer exposed by NSS . Closing bug as INVALID.
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
The API is not directly exposed, but is still logically exposed if you do a
change password (which calls NSC_SetPin). I'm pretty sure the key database is
being changed in place. This could be dangerous because if something happens
partway through the database change, there is no way to recover.

This is an old bug, and hasn't been worked on because there are usually higher
priorities, but this bug is still valid in the NSS 3.9 database.

If you want to clear it off the plate, a better error code would be 'WONTFIX'.

bob
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
QA Contact: libraries
Assignee: rrelyea → julien.pierre.boogz
Status: REOPENED → NEW
OK, WONTFIX it is, then.
Status: NEW → RESOLVED
Closed: 20 years ago17 years ago
Resolution: --- → WONTFIX
Writing for the dissenting justices :), Nelson wrote: 

This bug is not fixed by the new DB code either, IINM.  
So, I this this is a valid bug to fix.  
If we weren't in a resource crunch, I believe we would fix this.
So, I'd be happier with it having very low priority rather than
being "WONTFIX".
You need to log in before you can comment on or make changes to this bug.