couchdb.rb test should not leak admin pw in process table

from /srv/leap/tests/white-box/couchdb.rb:

...
  def couchdb_url(path="", port=nil)
    @port ||= begin
      assert_property 'couch.port'
      $node['couch']['port']
    end
    @password ||= begin
      assert_property 'couch.users.admin.password'
      $node['couch']['users']['admin']['password']
    end
    "http://admin:#{@password}@localhost:#{port || @port}#{path}"
  end
...

With this, it's possible to grab the pw like this:

root     22456  0.0  0.8  64576  3212 ?        S    09:55   0:00 curl --silent --no-buffer --tcp-nodelay -H Content-Type: application/json http://admin:xxxxx@localhost:5984/users/_chan...

Please use the /etc/couchdb/couchdb.netrc for this.

(from redmine: created on 2014-04-04, closed on 2014-06-23)
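
The change requested above, sketched as an added example (not code from the LEAP test suite): the URL carries no userinfo and curl reads the login from a netrc file via `--netrc-file`, with a regression check that fails if a credential shows up in argv. The helper names, the temp-file netrc and the password value are constructed for illustration; the curl flags and the netrc path are the ones shown in the issue.

```ruby
require 'tempfile'

# Shape from the issue: credentials sit in the URL, so they land in curl's
# argv and are readable by any local user through the process table.
def url_with_userinfo(password, port, path = "")
  "http://admin:#{password}@localhost:#{port}#{path}"
end

# Hardened shape: no userinfo in the URL. curl looks up the login for the
# host in the netrc file, so only the file path appears in argv.
def curl_argv(port, path = "", netrc: "/etc/couchdb/couchdb.netrc")
  ["curl", "--silent", "--no-buffer", "--tcp-nodelay",
   "--netrc-file", netrc,
   "-H", "Content-Type: application/json",
   "http://localhost:#{port}#{path}"]
end

# Write a netrc entry for the test run. Tempfile creates the file with
# owner-only permissions, which is what a credentials file needs.
def write_netrc(password, host: "localhost", login: "admin")
  file = Tempfile.new(["couchdb", ".netrc"])
  file.write("machine #{host} login #{login} password #{password}\n")
  file.flush
  file
end

# Regression check: true if any argument contains the secret verbatim or
# embeds user:password@ in an http(s) URL.
USERINFO_URL = %r{https?://[^/\s:@]+:[^/\s@]+@}

def argv_leaks_secret?(argv, secret)
  argv.any? { |arg| arg.include?(secret) || arg.match?(USERINFO_URL) }
end

if __FILE__ == $0
  secret = "constructed-s3cret" # constructed sample value
  netrc  = write_netrc(secret)
  before = ["curl", "--silent", url_with_userinfo(secret, 5984, "/users")]
  after  = curl_argv(5984, "/users", netrc: netrc.path)
  puts "before leaks: #{argv_leaks_secret?(before, secret)}"
  puts "after leaks:  #{argv_leaks_secret?(after, secret)}"
  netrc.close!
end
```
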