Changeset 2117 for alternc/trunk/debian/changelog

Timestamp:

04/13/08 06:35:19 (5 years ago)

Author:

anarcat

Message:

Major redesign of the MySQL backend interface to fix a security issue.
See: #318.

As of now, the MySQL configuration used everywhere by AlternC is not
stored in the main configuration file (/etc/alternc/local.sh) but in a
MySQL configuration file in /etc/alternc/my.cnf, which enables us to
call mysql without exposing the password on the commandline.

The changes here are quite invasive but will allow us to factor out
the MySQL configuration better. See #364.

This includes a partial rewrite of the mysql.sh logic, which is now ran
from the postinst script (and not alternc.install) which will allow us
to actually change the MySQL root user properly. See #601.

This commit was tested like this:

• clean install on etch (working)
• upgrade from a clean 0.9.7 (working)

File:

• alternc/trunk/debian/changelog (modified) (1 diff)

alternc/trunk/debian/changelog

@@ -1 +1 @@
 alternc (0.9.7+dev) stable; urgency=low UNRELEASED
 
+  * move mysql configuration into a valid MySQL configuration file
+    (/etc/alternc/my.cnf). This fixes a serious security issue (#318)
+    where the MySQL root password was passed on the commandline.  Those
+    changes are pretty invasive and might break upgrades, cron jobs and
+    your cat...
   * standardisation of the web interface, along with some esthetic changes, by
     Marc Angles, sponsored by Koumbit