Don't leak passwords through kdb5_ldap_util command line arguments.

ticket 1948

1 files changed, 10 insertions, 2 deletions

diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index ad89e87d6..70cbe62a2 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -336,9 +336,17 @@ class KrbInstance(service.Service):
 
         if not replica:
             #populate the directory with the realm structure
-            args = ["kdb5_ldap_util", "-D", "uid=kdc,cn=sysaccounts,cn=etc,"+self.suffix, "-w", self.kdc_password, "create", "-s", "-P", self.master_password, "-r", self.realm, "-subtrees", self.suffix, "-sscope", "sub"]
+            args = ["kdb5_ldap_util", "-D", "uid=kdc,cn=sysaccounts,cn=etc,"+self.suffix, "create", "-s", "-r", self.realm, "-subtrees", self.suffix, "-sscope", "sub"]
+            dialogue = (
+                # Password for "uid=kdc,cn=sysaccounts,cn=etc,...":
+                self.kdc_password + '\n',
+                # Enter KDC database master key:
+                self.master_password + '\n',
+                # Re-enter KDC database master key to verify:
+                self.master_password + '\n',
+            )
             try:
-                ipautil.run(args, nolog=(self.kdc_password, self.master_password))
+                ipautil.run(args, nolog=(self.kdc_password, self.master_password), stdin=''.join(dialogue))
             except ipautil.CalledProcessError, e:
                 print "Failed to populate the realm structure in kerberos", e