Project

General

Profile

Actions
Copy link

Task #105651

closed

Please add blinded configuration for 'TYPO3_DB' DB-Configuration user and password for $GLOBALS['TYPO3_DB'] in GlobalVariableProvider::$blindedConfigurationOptions

Added by Heiko Dietrich 1 day ago. Updated about 15 hours ago.

Status:
Rejected
Priority:
Should have
Assignee:
Oliver Hader
Category:
Security
Target version:
Candidate for patchlevel
Start date:
2024-11-20
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
12
PHP Version:
8.1
Tags:
security database
Complexity:
trivial
Sprint Focus:

Description

Please add blinded configuration for 'TYPO3_DB' DB-Configuration from typo3db_legacy-extension user and password for $GLOBALS['TYPO3_DB'] in 2743b/typo3/sysext/lowlevel/Classes/ConfigurationModuleProvider/GlobalVariableProvider.php#L29-L67

$GLOBALS['TYPO3_DB'] is set here https://github.com/FriendsOfTYPO3/typo3db_legacy/blob/main/ext_localconf.php#L68

Please add in all LTS and ELTS-Versions!

Actions
Copy link
 #2

Updated by Garvin Hicking about 15 hours ago

  • Status changed from New to Rejected

Not sure I understand... the typo3_db legacy extension would need to implement the ModifyBlindedConfigurationOptionsEvent event to modify these values. The core will not add extension specific or legacy options to the default array.

Please let me know if I misunderstood something and thanks for taking the time to report your issue!

Actions
Copy link

Also available in: Atom PDF