
Moodle backups should use a non existent domain when anonymizing users


    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.3.1
    • Fix Version/s: 3.2.5, 3.3.2
    • Component/s: Backup
    • Labels:
    • Testing Instructions:
      Test 1
      1. Before patch
      2. Create a course with a few activities.
      3. Enrol a user as a student.
      4. Create a backup with 'users', 'anonymize users' and 'user data' (for all activities) selected.
      5. Restore this course, creating a new course and including the user data.
      6. Restore the course a second time, again creating a new course and including the user data.
      7. Upgrade
      8. Restore the backup you created and ensure all is fine, without any complaints about user conflicts. Any activities with user data should still have that data, but the users should all be anonymised versions.
      Test 2
      1. Create a course with a few activities.
      2. Enrol a user as a student.
      3. Create a backup with 'users', 'anonymize users' and 'user data' (for all activities) selected.
      4. Restore this course, creating a new course and including the user data.
      5. Restore the course a second time, again creating a new course and including the user data and ensure all is fine, without any complaints about user conflicts. Any activities with user data should still have that data, but the users should all be anonymised versions.
    • Affected Branches:
      MOODLE_33_STABLE
    • Fixed Branches:
      MOODLE_32_STABLE, MOODLE_33_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-59737_master

      Description

      Currently it changes the email address to be anonx@doesntexist.com, where x is a numerical counting id.

      doesntexist.com is a real domain and appears to be registered to dyndns (at least from my amateur sleuthing).

      Instead, something like anonx@moodle.invalid should be used, as it is less likely to ever be a domain: .invalid is reserved by RFC 2606 for use as an obvious example of an invalid domain.
      There could be a theoretical attack where the domain owner lets the domain expire and a malicious actor picks up the domain, sets up a catch-all email address and attempts to reset passwords for the restored accounts.
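As an added illustration of the report's point (not Moodle's own code), the check below builds anonymised addresses only on an RFC 2606 reserved name and audits a cut-down users.xml from a backup for anonymised accounts whose placeholder domain is still registrable; the `moodle.invalid` default, the sample XML and the function names are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Top-level names reserved by RFC 2606 section 2; they will never be delegated.
RFC2606_RESERVED_TLDS = {"test", "example", "invalid", "localhost"}
# Second-level names reserved by RFC 2606 section 3.
RFC2606_RESERVED_DOMAINS = {"example.com", "example.net", "example.org"}

# Address shape produced by the anonymiser: anon<counter>@<domain>.
ANON_EMAIL_RE = re.compile(r"^anon(?P<n>\d+)@(?P<domain>[^@\s]+)$", re.IGNORECASE)


def domain_is_reserved(domain):
    """True if mail to this domain can never reach a registrable mailbox."""
    d = domain.lower().rstrip(".")
    tld = d.rsplit(".", 1)[-1]
    return tld in RFC2606_RESERVED_TLDS or d in RFC2606_RESERVED_DOMAINS


def anonymised_email(counter, domain="moodle.invalid"):
    """Build a placeholder address; refuse any domain someone could register."""
    if not domain_is_reserved(domain):
        raise ValueError(f"{domain!r} is not an RFC 2606 reserved name")
    return f"anon{counter}@{domain}"


def audit_users_xml(xml_text):
    """Return (username, email, safe) for each anonymised user in users.xml."""
    findings = []
    for user in ET.fromstring(xml_text).iter("user"):
        email = user.findtext("email", default="")
        m = ANON_EMAIL_RE.match(email)
        if not m:
            continue  # a real account, not an anonymised placeholder
        username = user.findtext("username", default="")
        findings.append((username, email, domain_is_reserved(m.group("domain"))))
    return findings


# Constructed, cut-down users.xml in the shape of a Moodle backup (assumed layout).
SAMPLE_USERS_XML = """<users>
  <user id="2"><username>anon1</username><email>anon1@doesntexist.com</email></user>
  <user id="3"><username>anon2</username><email>anon2@moodle.invalid</email></user>
  <user id="4"><username>teacher1</username><email>teacher@example.org</email></user>
</users>"""

if __name__ == "__main__":
    for username, email, safe in audit_users_xml(SAMPLE_USERS_XML):
        print(f"{username}: {email} -> {'reserved' if safe else 'REGISTRABLE domain'}")
```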

              People

              Assignee:
              markn Mark Nelson
              Reporter:
              devinefran Francis Devine
              Peer reviewer:
              Jun Pataleta
              Integrator:
              Andrew Nicols
              Tester:
              David Mudrák (@mudrd8mz)
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias
              Votes:
              0
              Watchers:
              5

                Dates

                Fix Release Date:
                11/Sep/17