← Back to team overview

maria-discuss team mailing list archive

Re: How do I determine if versions of phpMyAdmin before 4.8.5 is SQL Injectable using sqlmap?


Am 17.04.19 um 22:39 schrieb Jeff Dyke:
> How can you say it doesn't scale when you have now idea how i'm set up. 
> I had to add 5 users yesterday, took 5-10 (mostly talking to people)
> minutes.  Using a config mgmt system i set up ssh and mysql in the same
> single call to multiple database servers some users will have multiple
> logins based on the ability to read and the ability to write, which
> based on the configured security group.  It scales quite well indeed and
> i don't have to worry about a php application were security risks are
> more prone to come with each update.  Also http-auth takes admin as well.  

yeah, explain ordianry users how to get ssh-certificates all day long
and don't come with "but for the tunnel password auth is enough" when
you weaken the most cruial service on a systemd for a damend web application

Follow ups