cubicweb #1681974 cubicweb-ctl shell and migration ignores uid [open]
This often lead to executing code as root on production instance. | |
| priority | normal |
|---|---|
| type | enhancement |
| done in | <not specified> |
| load | 2.000 |
| load left | 2.000 |
| closed by | <not specified> |
| patch | [migration] honor uid during migration [rejected] |
similar entities
- cubicweb #1698245 Convert __message to _cwmsgid to increase security
- cubicweb #511718 explain why rql expr insertion doesn't work to ease security debugging
- TheCubicWebBook #656194 CW Administration: how to give dynamic permissions
- cubicweb #1346310 Add `Secure` attribute to cookie when navigating on https
- cubicweb #1381390 Implement HTTP Strict Transport Security for https
[see all]
Comments
-
2011/05/19 08:54, written by pydavid
- Migration that process generic code and modify the database (that should respect the "uid").
- Migration that modify config, source file, i18n stuff etc. (that should still be run as root).
add commentAfter discussion with Sylvain we have to distinct two kinds of migration and shell: