[pkg-bacula-devel] Bug#941134: bacula-director-mysql: Script grant_mysql_privileges always set password XXX_DBPASSWORD_XXX
Sven Hartge
sven at svenhartge.de
Wed Sep 25 18:35:21 BST 2019
On Wed, 25 Sep 2019 14:53:32 +0200 Hostinet <soporte at hostinet.com> wrote:
> Script /usr/share/bacula-director/grant_mysql_privileges line 11:
> db_password=XXX_DBPASSWORD_XXX
This script (or any other script /usr/share/bacula-director/) in is
never used by Debian to setup the database or grant MySQL permissions,
so the template password in there is no problem or risk.
The scripts in /usr/share/bacula-director/ serve as an example for the
administrator on how to setup the database manually, if they so choose.
In that case the administrator is expected to edit the scripts to suit
their needs.
On the other hand, if the template password would be automatically
replaced by the password chosen (or autogenerated) during the package
installation, it would be world-readable, creating a security problem.
Grüße,
Sven.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-bacula-devel/attachments/20190925/e263c072/attachment.sig>
More information about the pkg-bacula-devel
mailing list