Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-1617

MySQL passwords are stored as plaintext in environment variables

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Done
    • Critical
    • 2.4 GA
    • 2.3 GA
    • OSE Templates

    Description

      Passwords should be stored as secrets not plaintext. This could pose a security issue for some customers.

      Passwords for system-mysql are exposed via the following environment variables (this list might not be extensive):

      • MYSQL_USER_PASSWORD
      • MYSQL_ROOT_PASSWORD
      • DATABASE_URL

      Attachments

        Activity

          People

            msorianod Miguel Soriano
            rhn-support-keprice Kevin Price
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: