Drush 9: passwords should be scrambled by default when running sql-sanitize
#3086
Comments
|
I'm happy to change this behavior as suggested. PRs welcome. |
|
Should this be backported to Drush 8 (or older?) given how few installs of Drush 9 there are and will be? |
|
Backports to Drush 8 are still being accepted. |
|
Tried to reference this issue in #3341 but did it wrong I guess |
mortenson
pushed a commit
to mortenson/drush
that referenced
this issue
Feb 2, 2018
weitzman
pushed a commit
that referenced
this issue
Feb 3, 2018
|
I think this can be closed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
timcosgrove commentedOct 20, 2017
(Reposted from Drupal slack #drush:)
Minor drush sql-sanitize suggestion:
https://github.com/drush-ops/drush/blob/master/src/Drupal/Commands/sql/SanitizeUserTableCommands.php#L89
The default for password is the literal string "password". This means that, under default options for
sql-sanitize, given a sanitized database, anyone with access can log in as any user. This feels like a security risk, as in theory users with access to lower lifecycle environments could log in as admin and gain knowledge of a production system's settings; or, could log in as other users, and gain knowledge of their correspondance, their own user settings, etc (which should maybe also be sanitized).Would it make sense to create a randomized password by default? Then not only would the users' passwords be scrubbed, but their accounts would become inaccessible (at least without direct DB access, at which point all bets are off.)
I'll provide a PR. Putting this here for documentation's sake.
The text was updated successfully, but these errors were encountered: