Don't echo the db connection string at command line prompt
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	gmodena
	Mar 15 2021, 11:15 AM

Description

The migrations/ingest.py script takes a number of command line arguments.

Since this script might run on multi-user systems with interactive logins,
we should make sure that sensible data is not passed as a command line argument (and
accidentally exposed by the output of ps & c).

Details

	Subject	Repo	Branch	Lines +/-
	Read ingest.py parameters from env variables.	mediawiki/services/similar-users	main	+5 -5

Customize query in gerrit

Related Objects
Search...

Status	Assigned	Task
Open	None	T259471 Sockpuppet detection API [low effort]
Resolved	None	T265722 New Service Request: Sockpuppet Detection
Resolved	gmodena	T277453 Don't echo the db connection string at command line prompt

Event Timeline

gmodena created this task.Mar 15 2021, 11:15 AM

Change 672370 had a related patch set uploaded (by Gmodena; owner: Gmodena):
[mediawiki/services/similar-users@main] Read ingest.py parameters from env variables.

https://gerrit.wikimedia.org/r/672370

gerritbot added a project: Patch-For-Review.Mar 15 2021, 11:33 AM

Change 672370 merged by jenkins-bot:

[mediawiki/services/similar-users@main] Read ingest.py parameters from env variables.

https://gerrit.wikimedia.org/r/672370

gmodena mentioned this in rMSSUdcae8be6ce57: Read ingest.py parameters from env variables..Apr 8 2021, 3:45 PM

Maintenance_bot removed a project: Patch-For-Review.Apr 8 2021, 4:10 PM

Adding Platform Engineering as Platform Team Workboards (Green) was archived and as open tasks should have an active project tag

gmodena closed this task as Resolved.Nov 16 2021, 9:46 AM

Don't echo the db connection string at command line prompt Closed, ResolvedPublicActions

Description

Details

Related ObjectsSearch...

Event Timeline

Don't echo the db connection string at command line prompt
Closed, ResolvedPublic
Actions

Related Objects
Search...