Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-1617

MySQL passwords are stored as plaintext in environment variables

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Critical Critical
    • 2.4 GA
    • 2.3 GA
    • OSE Templates

      Passwords should be stored as secrets not plaintext. This could pose a security issue for some customers.

      Passwords for system-mysql are exposed via the following environment variables (this list might not be extensive):

      • MYSQL_USER_PASSWORD
      • MYSQL_ROOT_PASSWORD
      • DATABASE_URL

              msorianod Miguel Soriano
              rhn-support-keprice Kevin Price
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: