Hi, I've just pushed an update to the Git that encrypt all admins password with the MySQL password() function. This functionality is still optional, but activated by default. I think it should be ok, but it would be wise to still check that it didn't break anything, so I wont release a new DTC version so soon, to give people in this list to test things.
Basically, if there's some things missing, we should simply add few: OR adm_pass=PASSWORD($adm_pass) statements in some MySQL SELECT calls if some. I think it should be ok, because I did some grep in the code, and most SQL statement are written on a single line in DTC (which is on purpose, to be able to grep them... yet another reason to keep that coding standard! :)). The patch is here: http://git.gplhost.com/gitweb/?p=dtc.git;a=commitdiff;h=657286735c4a2b557035620b281f4c8c3d9c9896 I quickly tested the change password function, which works. Now, the patch was sent to master, and not backported to stable. Does any of you think I should backport it to stable-0.32, or do you (like me) think that it's time to release a new stable (eg 0.34, as even numbers will always be used for stable from now on...)? I don't like having too much of a diff between stable and master, it leads to all sorts of annoying issue when coding. How many of you is running the latest Git in production? Thomas -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
