Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 91699 - amaroK makes the "apply" button disabled when the password being entered is the same as the one already saved in the audioscrobbler setup dialog.
Summary: amaroK makes the "apply" button disabled when the password being entered is t...
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] KDE (show other bugs)
Hardware: x86 Linux
: High trivial
Assignee: Gentoo KDE team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-05-06 07:41 UTC by Genia Bezman
Modified: 2005-05-06 12:23 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Genia Bezman 2005-05-06 07:41:40 UTC 
Theoretical possibility to guess someone's password by guessing and checking the state of the apply button. It will become disabled when password is right, may be even possible to write an app to perform those steps.

Reproducible: Always
Steps to Reproduce:
1.Open amarok
2.Setting -> configure amaroK
3.Go to AudioScrobbler settings
4.Delete current password, type the new one, button is enabled, type the right one, button is disabled.

Actual Results:  
Button was disabled when password was right.

Expected Results:  
Button state should not indicate the correctness of the password.

[ebuild   R   ] media-sound/amarok-1.2.3  -arts -debug -flac -gstreamer -kde 
+kdeenablefinal -mad -mysql -noamazon -oggvorbis -opengl -visualization +xine -
xinerama -xmms 5,919 kB
[ebuild   R   ] kde-base/kdelibs-3.4.0-r2  +alsa -arts -cups -debug -doc -jpeg2k 
+kdeenablefinal -kerberos -openexr -spell +ssl +tiff -xinerama -zeroconf 0 kB
Comment 1 Carsten Lohrke (RETIRED) gentoo-dev 2005-05-06 12:23:58 UTC 
If you let <world> use your desktop account, you'll probably face bigger problems, than a stolen audioscrobbler acount. Take it upstream if you like, but from my point of view this is a non-issue.