Skip to content
This repository has been archived by the owner on Mar 28, 2022. It is now read-only.

[BUG] Encrypted credentials stored in db not deleted. #200

Closed
1 of 7 tasks
bhrg3se opened this issue Nov 29, 2020 · 0 comments · Fixed by #201
Closed
1 of 7 tasks

[BUG] Encrypted credentials stored in db not deleted. #200

bhrg3se opened this issue Nov 29, 2020 · 0 comments · Fixed by #201
Labels
bug Something isn't working security Security related bug or feature

Comments

@bhrg3se
Copy link
Member

bhrg3se commented Nov 29, 2020

Describe the bug:

SQL query of function TsxvDeleteSecret is wrong.

_, err := s.DB.Exec("DELETE FROM service_keyvault WHERE org_id = $1 AND secret_id = $2 AND secret_id=$3 AND secret_type=$4", orgID, serviceID, secretid, secretType)

the second argument should be service_id not secret_id

Expected behavior:

Credentials should be deleted when a user tries to delete them.

Scope of issue:

  • TRASA codebase
  • dashboard
  • server
  • mobile app
  • browser extension
  • device agent
  • website/docs
@bhrg3se bhrg3se added bug Something isn't working security Security related bug or feature labels Nov 29, 2020
@bhrg3se bhrg3se mentioned this issue Nov 29, 2020
Merged
bhrg3se added a commit that referenced this issue Nov 29, 2020
@bhrg3se
fix: [server] fixed #200
fa708eb
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working security Security related bug or feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: [server] fixed delete tsx delete secret sql seknox/trasa
1 participant
@bhrg3se