Sebastian Mendel wrote:
Hi,
Even if it is a good feature to run phpMyAdmin out of the box on a dev system with root and no pw, I think we should limit this ...
Do you mean for auth_type = 'config' or for all auth_types?
We already have a warning message:

    if ($server != 0 && $cfg['Server']['user'] == 'root' && $cfg['Server']['password'] == '') {
        echo '<div class="warning">' . $strInsecureMySQL . '</div>' . "\n";
    }
that works for all auth_types (even if the message talks about their configuration file having these insecure settings).
The problem with this message, is that many users do not understand it and react with fear.
But some consultants just do the default MySQL installation and install apps relying on root with no password, so our message "breaks" the apps when a user suddenly adds a password for root.
Possibly we could add a config switch and/or version check:
If the version is dev, from svn, or forced by config ($cfg['allow_root_with_no_pw']), allow root with no password.
If the version is a release, deny root with no password (unless it is forced by the config switch to be allowed),
and phpMyAdmin should trigger_error() to log this error and report a generic security error message to the user: 'security error, please check php error log for further details'.
What do you think about it?
I would avoid adding a new cfg because I fear what distros will do: just set it to true by default?
I think logging this error with trigger_error is a good improvement.
I guess you would like to remove the strInsecureMySQL message?
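Added illustration of the two behaviours discussed in this thread, the existing warning-only check beside the stricter "deny on release builds unless forced" check Sebastian proposes. This is example code written for this page, not phpMyAdmin's own code; the sample `$cfg` values, the `PMA_VERSION` constant and its `-dev`/`-svn` suffix convention, the `pma_*` function names and the paraphrased `$strInsecureMySQL` text are all assumptions made here.

```php
<?php
// Example code for this discussion, not phpMyAdmin code.
// Constructed sample configuration (assumed values): the default MySQL
// privileged account, root with an empty password, on server 1.
$cfg = array(
    'Server'                => array('user' => 'root', 'password' => ''),
    'allow_root_with_no_pw' => false,   // switch proposed in the thread
);
$server = 1;
// Paraphrase of the existing warning text (assumed wording).
$strInsecureMySQL = 'Your configuration file uses the default MySQL privileged '
    . 'account (root with no password); fix this security hole.';
// Assumed: a -dev or -svn suffix marks a development build.
define('PMA_VERSION', '2.9.0');

function pma_is_dev_version($version)
{
    return (bool) preg_match('/-(dev|svn)/i', $version);
}

function pma_root_has_no_password($server, $cfg)
{
    return $server != 0
        && $cfg['Server']['user'] == 'root'
        && $cfg['Server']['password'] == '';
}

// Existing behaviour quoted in the thread: warn, but keep going.
function pma_root_no_password_warning($server, $cfg, $strInsecureMySQL)
{
    if (pma_root_has_no_password($server, $cfg)) {
        return '<div class="warning">' . $strInsecureMySQL . '</div>' . "\n";
    }
    return '';
}

// Proposed behaviour: allow on dev builds or when forced by the switch;
// otherwise log the detail with trigger_error() and refuse. Returns true
// when the connection may proceed.
function pma_check_root_no_password($server, $cfg, $version)
{
    if (! pma_root_has_no_password($server, $cfg)) {
        return true;
    }
    if (pma_is_dev_version($version) || ! empty($cfg['allow_root_with_no_pw'])) {
        trigger_error(
            'phpMyAdmin: root with empty password allowed on server ' . $server
            . ' (dev build or allow_root_with_no_pw set)',
            E_USER_NOTICE
        );
        return true;
    }
    // The specific reason goes to the PHP error log only.
    trigger_error(
        'phpMyAdmin: refusing server ' . $server
        . ': MySQL user root has an empty password on a release build',
        E_USER_WARNING
    );
    return false;
}

if (! pma_check_root_no_password($server, $cfg, PMA_VERSION)) {
    // Generic message for the user, as proposed in the thread.
    echo '<div class="error">security error, please check php error log '
        . 'for further details</div>' . "\n";
    exit;
}
echo pma_root_no_password_warning($server, $cfg, $strInsecureMySQL);
```

Two caveats a deployer would want with this: the detail passed to trigger_error() only stays out of the browser when display_errors is off and log_errors is on in php.ini, otherwise PHP prints the warning to the page and the "generic message" intent is lost; and, as the reply above points out, the whole check collapses to the old behaviour if a distribution ships `allow_root_with_no_pw` set to true by default, so the switch's default value matters more than the code.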