#93 Critical unauthorized delete in view only mode


The XCA database can be opened without inputting the db password by clicking the cancel button, the database owner should have an option to disable this feature.

Also, when viewing a database without the password, the user can DELETE the private keys and other stuff without the password, which could cause critical losses in case of unauthorized database access.

I believe the delete feature should ask for the password first, a password-free should only allow view of the contents of the database.


  • Christian Hohnstaedt

    It is not a feature, but reflects the effective permission.
    The user may delete or view items via XCA, because he has File-access permissions. He could do the same without XCA but a HEX-Editor, just less comfortable.
    He also could easily delete the whole database by the windows file explorer.
    If you want security, restrict access to the database on file-system/operating-system level.
    Any of your proposals would only increase the "sensed security" while hiding the permission issue.
    Because of the "Open-without-password behavior", people start thinking about the protection of the XCA database file as you did, which is generally good.

  • Achraf52

    Achraf52 - 2014-06-19

    Thank you for your reply about my bug report, I do agree on your thoughts and I've changed my mind about my above piece of advice.

    Please give me some ideas on how I can protect the database file at the OS level and File System level, if possible, also refer me to open source software that can do this under Windows. I really want a reliable way to prevent unauthorized database deletion.

  • Christian Hohnstaedt

    I'm not very familiar with Microsoft Windows, but google pointed me to this: http://technet.microsoft.com/en-us/library/bb727008.aspx

    You need different windows logins. Only those people allowed to access the database should login with the same windows username.

  • Christian Hohnstaedt

    • status: open --> closed-wont-fix

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks