[PATCH] smb: client: Don't log plaintext credentials in cifs_set_cifscreds
Steve French
smfrench at gmail.com
Thu Feb 26 23:27:02 UTC 2026
Added to cifs-2.6.git for-next pending additional testing (also added
the Acked-by)
On Thu, Feb 26, 2026 at 3:41 PM Paulo Alcantara <pc at manguebit.org> wrote:
>
> Thorsten Blum <thorsten.blum at linux.dev> writes:
>
> > When debug logging is enabled, cifs_set_cifscreds() logs the key
> > payload and exposes the plaintext username and password. Remove the
> > debug log to avoid exposing credentials.
> >
> > Fixes: 8a8798a5ff90 ("cifs: fetch credentials out of keyring for non-krb5 auth multiuser mounts")
> > Cc: stable at vger.kernel.org
> > Signed-off-by: Thorsten Blum <thorsten.blum at linux.dev>
> > ---
> > fs/smb/client/connect.c | 1 -
> > 1 file changed, 1 deletion(-)
>
> Acked-by: Paulo Alcantara (Red Hat) <pc at manguebit.org>
--
Thanks,
Steve
More information about the samba-technical
mailing list