fbctf icon indicating copy to clipboard operation
fbctf copied to clipboard
verified publisher icon facebookarchive

Don't Set MySQL Root Password (#155)

Open shlykov opened this issue 9 years ago • 2 comments

Added generation random password of root database user and ctf apps user for production mode Added output notify message with root database password

shlykov avatar Oct 28 '16 09:10 shlykov

I was actually a bit hesitant about this at first, considering the number of people who did not see the admin password printed out during provision (and asked about it), the fact that the DB password isn't as important as the admin password because most production deployments of fbctf don't expose the DB to the outside world, and finally because forgetting the admin password isn't a big deal because it's easy to reset, but reseting the mysql password is a pain in the ass.

But since we write the password to the settings.ini file, this should be fine. Going to wait for @javuto to give his opinion first.

gsingh93 avatar Oct 29 '16 01:10 gsingh93

This is a good idea and I agree with @gsingh93 that could be a bit risky. Instead of doing it by default, we could have the option as a command line switch. Also, this PR can be extended to take existing username/password for the MySQL access.

javuto avatar Oct 31 '16 19:10 javuto