[Koha-bugs] [Bug 20929] koha-dump should not pass a --password argument to mysqldump
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Apr 3 16:28:50 CEST 2019
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20929
Liz Rea <wizzyrea at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |wizzyrea at gmail.com
--- Comment #9 from Liz Rea <wizzyrea at gmail.com> ---
This counter-counter patch creates and chmod the file before the dump begins,
and removes it when we are done with the file. It will be new each day, in case
the password changes on the database. If the file exists for some unforeseen
reason, the contents will be overwritten (and it'll still be deleted at the
end).
The only thing I can think of that might make this better, would be to put the
temp .cnf file in /etc/koha/sites/<instance>/ instead of in /var/spool.
Having sent this patch in, now I'm wondering if we shouldn't just create this
config file per instance when we koha-create, and keep it in
/etc/koha/sites/<instance>
I think I'll do a counter patch for that approach as well, I don't like having
the file with passwords even temporarily in a directory that could potentially
have dodgy permissions (because people [no one I know though] do strange things
with backups sometimes).
I suppose if they've got in there, they've got the DB anyway so eh, not sure it
matters buuuut... /etc/ will be safer and more persistent than /var/spool
anyway.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list