Ticket #80 (Fixed) Fri Oct 27 16:37:06 UTC 2006
Find solution to sensitive files held in SVN
Reported by: Andrew Hodgkinson (6) | Severity: Normal
Part: Repository: Subversion | Release:
Milestone: | Status: Fixed
Details by Andrew Hodgkinson (6):
Rails database.yml configuration files contain the database access password. Since the database listens on Unix domain sockets anyway this information is not immediately useful, but it’s still not good to have such information exposed and present potential hackers with data that could be very helpful in an attack.
Other than simply checking in all SVN sources to a clean, new repository in the ROOL account, losing the revision history – which might actually be desirable in some respects, but we’d have to clear the tickets database too since it refers to Changesets that would vanish – is there a way of nuking those files without killing the rest of the repository?
As a side note, the chances of accidentally committing the same file again in a future update are relatively high so it isn’t necessarily worth bothering to address this problem unless the commit aspect is considered too.
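The "commit aspect" raised above can be addressed on the server side with a Subversion pre-commit hook that refuses transactions adding or updating secret-bearing files such as config/database.yml. The script below is an added example and is not from the ticket or the ROOL repository; it assumes Subversion's standard hook convention (the hook is called as `pre-commit REPOS TXN` and `svnlook changed -t TXN REPOS` is on PATH), and the blocked path patterns and the sample `svnlook changed` output are constructed for illustration.

```python
#!/usr/bin/env python3
"""Subversion pre-commit hook rejecting commits that add or modify
secret-bearing files (e.g. Rails config/database.yml).

Added example, not the ROOL project's own hook. Assumes the standard
Subversion hook convention: argv = [hook, REPOS, TXN], and
`svnlook changed -t TXN REPOS` available on PATH.
"""
import fnmatch
import subprocess
import sys
from typing import List, Tuple

# Repository-relative path patterns that must never be committed.
# These patterns are an assumption for the example; tune per project.
BLOCKED_PATTERNS = [
    "config/database.yml",
    "*/config/database.yml",
    "*.pem",
    "*/.htpasswd",
]

# A template copy (database.yml.example) is the recommended way to
# document the expected settings, so such files are let through.
TEMPLATE_SUFFIXES = (".example", ".sample")

# Constructed sample of `svnlook changed` output, for demonstration only.
# Format: two status characters, two spaces, then the changed path.
SAMPLE_CHANGED = """A   trunk/app/models/user.rb
A   trunk/config/database.yml
U   trunk/config/database.yml.example
D   trunk/config/old_secret.pem
_U  trunk/config/
A   trunk/certs/server.pem
"""


def parse_svnlook_changed(output: str) -> List[Tuple[str, str]]:
    """Return (status, path) pairs from `svnlook changed` output."""
    entries = []
    for line in output.splitlines():
        if len(line) < 3 or not line.strip():
            continue
        status, path = line[:2], line[2:].strip()
        entries.append((status, path))
    return entries


def blocked_paths(changed_output: str) -> List[str]:
    """Paths that are added/updated and match a blocked pattern.

    Deletions and directories are ignored: removing a secret file is the
    fix, not the problem, and directories carry no content of their own.
    """
    hits = []
    for status, path in parse_svnlook_changed(changed_output):
        if status[0] == "D" or path.endswith("/"):
            continue
        if path.endswith(TEMPLATE_SUFFIXES):
            continue
        if any(fnmatch.fnmatch(path, pat) for pat in BLOCKED_PATTERNS):
            hits.append(path)
    return hits


def main(argv: List[str]) -> int:
    """Hook entry point: non-zero exit makes Subversion reject the commit."""
    if len(argv) != 3:
        sys.stderr.write("usage: pre-commit REPOS TXN\n")
        return 2
    repos, txn = argv[1], argv[2]
    changed = subprocess.run(
        ["svnlook", "changed", "-t", txn, repos],
        check=True, capture_output=True, text=True,
    ).stdout
    hits = blocked_paths(changed)
    if hits:
        sys.stderr.write("Commit rejected: secret-bearing files in transaction:\n")
        for path in hits:
            sys.stderr.write("  " + path + "\n")
        sys.stderr.write("Commit a .example template instead and keep the "
                         "real file untracked.\n")
        return 1
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Install it as `hooks/pre-commit` (executable) in the repository; anything the hook writes to stderr is shown to the committing client. For the history side of the question, Subversion's supported route is `svnadmin dump` piped through `svndumpfilter exclude <path>` into `svnadmin load` on a fresh repository; with its default options svndumpfilter keeps revisions that become empty, so revision numbers, and therefore the changeset references in the tickets database, stay stable. Since the password has already been in the repository, changing it is the part of the fix that a history rewrite cannot replace.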
Changelog:
Modified by Andrew Hodgkinson (6) Fri, November 10 2006 - 21:48:56 GMT
See also Ticket #87, which faces a related issue.
Modified by Andrew Hodgkinson (6) Fri, December 01 2006 - 17:49:48 GMT
- Status changed from Open to Fixed
Uncomfortable though exposing a password in a database.yml might feel, there really is no way to access the database from outside the server. If someone has already got far, database.yml files are the very last of anyone’s worries.
These files don’t contain truly sensitive data. In time, it may be necessary to come up with a scheme to block certain files from access, but that time hasn’t come yet. Hopefully I won’t regret it :-) but for now I’m going to close the ticket.