0011038: allow_signup can not be set in database

ID	Project	Category	View Status	Date Submitted	Last Update
0011038	mantisbt	administration	public	2009-10-14 07:38	2010-04-23 23:22

Reporter	atrol	Assigned To	jreese
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	won't fix
Product Version	1.2.0rc2

Summary	0011038: allow_signup can not be set in database
Description	in 1.1.x allow_signup can be disabled by database configuration, now I am told to change this in config_inc.php. I use as much configuration in database as possible. At first glance this seems to be a step backwards for me. Maybe you changed this, because the customization can be set per project and per user in 1.1 which makes not much sense. A configuration in database for the whole instance might be the right solution?
Tags	No tags attached.

jreese 2009-10-14 08:50 reporter ~0023183	Setting "sensitive" or "global" configuration values in the database is generally discouraged for reasons of preventing loopholes in policy or security due to the way that database config values can be set on a per-project or per-user basis. However, there is a list of these "disallowed" values in the config_defaults_inc.php ($g_global_settings), so if you really want to allow these sorts of values to be stored in the database regardless of their sensitive nature (ie, you trust your database to not be compromised), then you can override that value in your config_inc.php to suit your own preferences.

atrol 2009-10-14 11:22 developer ~0023191	Funny: I have to change sourcecode to be able not to have change sourcecode ;-) No, I will not change your sourcecode, as you certainly know better than me why things are as they are. I want to stay as near as possible at your standard. So I have to change config_inc.php Or you will read this and maybe change something in future: If you changed the behaviour because database can be compromised you would also have to disallow further configurations which can be used by bad guys, for example: default_home_page (which at the other side makes sense per project and per user) Please don't add this parameter to your list, I customized it in my database ;-) I think if database is compromised, there are many things which could be done by an MantisBT expert. Customization is only one part where a compromised database would be a problem. But a compromised database can hardly be more problematic than for example a compromised config_defaults_inc.php or config_inc.php? I see two aspects: 1)Security: Where I don't know which is worse, a compromised database or a compromised file system 2)Global customization where customization per project and user makes no sense If you agree with me, please reopen the issue, maybe not as a bug but as a feature request: Customization of instance wide parameters in database Customization of project wide parameters in database (where customization per user makes no sense) If you don't agree, please take the time to comment my thoughts.

jreese 2009-10-14 11:38 reporter ~0023192	I'm not asking you to change any sourcecode; I was suggesting that you override a configuration option that specifies what configuration options are allowed in the database. Overriding the setting in config_inc.php will still allow you to stay perfectly in sync with a "standard" installation. :) Now, I'm not the one that made this change to Mantis. However, I'm probably not going to be able to come to an agreement with you anyways, because I have a strong preference towards keeping as much configuration in config_inc.php as possible, because database configurations are not as transparent or easily modifiable as a file is. But then again, I'm not "normal" in any meaning of the word. :P

vboctor 2009-10-28 03:15 manager ~0023437	Should this be resolved as a won't fix?

View Issue Details

Activities