Page MenuHomePhabricator
Create Task
Maniphest T66166

empty password gives bogus error message during installation
Open, MediumPublic
Actions

Description

Change Ib6b05d2d7e8ebb4438d3b0051c33d367f41a9957 fixed the problem where the installer gave an incorrectly-worded error if someone blanked out the user field for the administrative username for the database. But in the process it started producing bogus messages of one left the password for that administrative user blank. If the administrative username is the default (root) and the password is the default (empty), I get this warning:

"Please enter a password for the new database user: root. While it may be possible to create users with no passwords, it is not secure."

But I am not asking it *create* a *new* user at this time, I am asking it to connect as an existing administrative user so that it can use it to create a new database and a new user.

As far as I can tell, this change is accidental, as the commit message says nothing about passwords.

Version: 1.23.0
Severity: minor

Details

Reference
bz64166

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 3:21 AM
bzimport added a project: MediaWiki-Installer.
bzimport set Reference to bz64166.
bzimport added a subscriber: Unknown Object (MLST).
Jjanes created this task.Apr 20 2014, 11:55 PM
Paladox set Security to None.Jul 6 2015, 12:01 AM
Paladox added a subscriber: Aklapper.
saper added a project: Ladies-That-FOSS-MediaWiki.Oct 28 2016, 8:06 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL