[opencms-dev] moving users/passwords/permissions from 6.0.4 to 6.2.1

Pavel Peringer pavel.peringer at qbizm.cz
Tue Jul 18 09:23:47 CEST 2006 

Hello

As I remember from install form, there are 2 different users with passwords.
Both are predefined in DB, so instalation process does not create these 
users.
One is a user who has a DB permission to create or drop database, 
tables, needed by installation.
Second is a "common" user, used by OpenCms to select, insert, update 
tables in OpenCms DB.

Yes, it could be "root" in both cases, but it is a security leak running 
all these processes under root user.
For instalation..ok, if something happend, we are root a and the setup 
have all permission.
But for common running OpenCms is restricted user enough, he need not do 
high permission level operations on DB.
When somebody could write JSP with SQL "drop database .." and if a user 
for connection to DB is granted to all ("root") it is time to say good 
bye for the whole DB..

HTH

Pavel Peringer

Christoph P. Kukulies napsal(a):

>Since my upgrading from a 6.0.4 to 6.2.1 site did not run as smooth as
>expected (under Windows XP and apache2/tomcat5 with proxy mapping of /opencms) -
>it had been pointed out that /update should be included in the mapping
>but fiddling with that was too late yesterday evening when the (intranet)
>site had to be on line this morning again.
>
>Also I did not solve the problem with connecting to the database due to 
>forgotten password.
>
>Can anyone tell me again what these two passwords are for?
>
>1.) root password for setup (is it being set through the setup? or has it to be
>written down for future use and be remembered? 
>
>2.) root password to connect to the database
>
>Ok, I understand this is my fault when I forget it, but I tried a couple
>of tricks (with --skip-grant-tables)  to get the root password of mysql
>changed back, to no avail. Maybe one has to run an interactive mysqld process
>as console application rather than a service. So what,
>I wiped out MySQL totally, installed some 5.0.18 of MySQL and the latest 
>Connector/J. Wiped out the $(CATALINA_HOME)/webapps/ROOT tree having made
>an export of /sites/mysite and /system/modules/org.mysite.frontend.
>
>Now my question: Is that enough? How do I get bask my users into the system
>I'm wondering why my Admin password is still admin. Which part should I
>have exported from the old system to get also the users?
>
>--
>Chris Christoph P. U. Kukulies kukulies (at) rwth-aachen.de
>
>_______________________________________________
>This mail is sent to you from the opencms-dev mailing list
>To change your list options, or to unsubscribe from the list, please visit
>http://lists.opencms.org/mailman/listinfo/opencms-dev
>  
>


-- 
Pavel Peringer                              Qbizm technologies, a.s.
programator                                 ... the art of software.
____________________________________________________________________
www.qbizm-technologies.cz    www.qbizm.cz      www.qbizm-services.cz

More information about the opencms-dev mailing list