[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debconf db_input in postinst / horde2



On Fri, Dec 12, 2003 at 10:42:34AM -0800, Josh Lauricha wrote:
> On Fri 12/12/03 10:59, Jamin W. Collins wrote:
> > In this particular case it's a concern about not storing a DB admin
> > password in debconf yet still being able to properly remove a package
> > created DB if the user has requested the package do so on purge.

> Perhaps a db user created on install with a random passwd (chmod 0600),
> saved under /etc which only has permission to drop the database. Like
> mysql uses to restart the database. of course, this is just moving the
> problem to a different file, but if the server is local, anyone with
> root access can just delete the database by hand anyhow.

This solution has a prerequisite of the package postinst script being
permitted to *create* such a user, as well as granting it the desired
privileges.  This hardly seems a worthwhile trade-off.

-- 
Steve Langasek
postmodern programmer

Attachment: pgpW8uAq0q5ee.pgp
Description: PGP signature


Reply to: