For some reason we're saving the database's root password in the front-end. This is presumably to provide the "You have already set a password for this database server" help text when editing a DB server node. But that could just as easily be accomplished without saving the password itself, but just a flag that it had been set.

Is there some other reason we need the DB root password in the front-end?

Comments

The less we save the better.

My best guess is that the verify task for a server uses this.

But then again that password is also in the master_db key in .drush/server_master.alias.drushrc.php

Version:6.x-2.x-dev» 7.x-3.x-dev
Issue summary:View changes

New features need to be implemented in Aegir 3.x, then we can consider back-porting to Aegir 2.x.