[rt-users] Encrypting the DB password in RT_Siteconfig

Alex Vandiver alexmv at bestpractical.com
Tue Jan 7 17:44:36 EST 2014


On Tue, 2014-01-07 at 21:36 +0000, Brent Wiese wrote:
> Is there a way to use an encrypted value for $DatabasePassword in
> RT_Siteconfig?

What, exactly, do you mean by "encrypted"?  RT clearly needs to have
access to the plaintext password to pass to the MySQL authentication
process, so there is nothing that can prevent some part of the RT
internals from knowing the plaintext.

The fact that the password is in plaintext is one of the reasons why
RT_Config.pm is 0440 and generally owner root and group apache; this
prevents arbitrary users from seeing it.  If you're looking to prevent
it from being gleaned from accidental reading by someone who can read
the file, you can simply rot13 it:

my $rot13 = sub {
   my $s = shift; $s =~ tr/A-Za-z/N-ZA-Mn-za-m/; $s
};

Set( $DatabasePassword, $rot13->("cnffjbeq") );

 - Alex
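
The reply above rests the password's protection on the config file's mode and ownership (0440, owner root, group apache), not on the rot13 wrapper. The following is an added example, not part of the original message or of RT: a shell check for that property. The function name `audit_rt_config` is hypothetical, GNU coreutils `stat` is assumed, and the file path, owner and group are supplied by the caller.

```shell
#!/bin/sh
# Added example: audit the file that holds $DatabasePassword.
# Assumes GNU coreutils stat(1); path, owner and group come from the caller.

# audit_rt_config FILE [OWNER] [GROUP]
# Prints one finding per line.
# Returns 0 if clean, 1 on findings, 2 if FILE is not a regular file.
audit_rt_config() {
    file=$1 want_owner=${2:-} want_group=${3:-}
    bad=0

    if [ ! -f "$file" ]; then
        echo "MISSING: $file is not a regular file"
        return 2
    fi

    # -L follows a symlink so the real file's permissions are judged.
    mode=$(stat -L -c '%a' -- "$file")
    owner=$(stat -L -c '%U' -- "$file")
    group=$(stat -L -c '%G' -- "$file")

    # Any "other" bit lets arbitrary local users reach the password.
    if [ $(( 0$mode & 0007 )) -ne 0 ]; then
        echo "WORLD: $file is mode $mode; remove all access for 'other'"
        bad=1
    fi
    # Write, execute or special bits for owner/group go beyond 0440.
    if [ $(( 0$mode & 07330 )) -ne 0 ]; then
        echo "EXTRA: $file is mode $mode; it grants more than 0440"
        bad=1
    fi
    if [ -n "$want_owner" ] && [ "$owner" != "$want_owner" ]; then
        echo "OWNER: $file is owned by $owner, expected $want_owner"
        bad=1
    fi
    if [ -n "$want_group" ] && [ "$group" != "$want_group" ]; then
        echo "GROUP: $file has group $group, expected $want_group"
        bad=1
    fi
    return "$bad"
}

# Stand-alone use: sh audit.sh /path/to/RT_SiteConfig.pm root apache
if [ "$#" -gt 0 ]; then
    audit_rt_config "$@"
fi
```
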
