-
671906 - show the password correctly in sql-connect this fixes a regression introduced in the previous commit where the secure credentials passing was also applied to sql-connect. this obviously breaks because the tempfile is gone. this also sets sql-sync to pass the password around insecurely if it is dealing with remote hosts this is kind of dirty, and would be better accomplished by turning sql_get_credentials() into a parser that would return an array that could be *then* fixed by calling functions, as necessary.
-
fix sql-connect test: the order of arguments changed
-
671906 - show the password correctly in sql-connect this fixes a regression introduced in the previous commit where the secure credentials passing was also applied to sql-connect. this obviously breaks because the tempfile is gone. this also sets sql-sync to pass the password around insecurely if it is dealing with remote hosts this is kind of dirty, and would be better accomplished by turning sql_get_credentials() into a parser that would return an array that could be *then* fixed by calling functions, as necessary.
-
Issue #671906: securely pass the password to mysql it was necessary to rewire parts of mysqldump so that the --defaults-file argument is first, which is a constraint of the mysql* binaries we only put the password in the file to avoid having both the user and password leaked if the file is mistakenly published
-
Issue #671906: securely pass the password to mysql it was necessary to rewire parts of mysqldump so that the --defaults-file argument is first, which is a constraint of the mysql* binaries we only put the password in the file to avoid having both the user and password leaked if the file is mistakenly published
-
Issue #671906: securely pass the password to mysql it was necessary to rewire parts of mysqldump so that the --defaults-file argument is first, which is a constraint of the mysql* binaries we only put the password in the file to avoid having both the user and password leaked if the file is mistakenly published
-
Issue #671906: securely pass the password to mysql it was necessary to rewire parts of mysqldump so that the --defaults-file argument is first, which is a constraint of the mysql* binaries we only put the password in the file to avoid having both the user and password leaked if the file is mistakenly published
-
add initial code
-
1108810 - protect the complete private files directory as a bonus, we improve this by using a simpler Directory directive instead of DirectoryMatch
-
make sure the webserver also has write access to the files directories this ensures that uploads from SFTP or SSH users are writable by the webserver