
Comments (12)

ktaragorn commented on July 23, 2024

I'm thinking set :db_push_enabled, true; perhaps false is a safe default. This way you can set it separately in each stage if needed.

from capistrano-db-tasks.

yourivdlans commented on July 23, 2024

I agree, something like this would feel much safer.


regedarek commented on July 23, 2024

+1


numbata commented on July 23, 2024

-1 :)
I think it is "oversafing". You can't do "db:push", but you can still "ssh && rm -rf" on production :)
If someone doesn't read the prompt and always answers "Yes", it looks like a roulette game. The shotgun can shoot with "db:push" or with "rm -rf".


ktaragorn commented on July 23, 2024

It's 2 characters to change push to pull, whereas it's a lot more to type ssh ... and rm -rf. That isn't much of an argument. I can by that argument even prove that this gem is useless...

Anyway, this request isn't meant to be security in the system security sense, but more from casual mistakes.


numbata commented on July 23, 2024

I agree with you only if there aren't messages, warnings and prompts in this situation.
I don't say "it's a security issue"; I think it's a problem of attention and care about what the developer enters into the console.
"ssh & rm-rf" is only one example. There are a lot of examples with 2-character steps from good to evil. Like "oops, I pushed instead of pulling" with git.


ktaragorn commented on July 23, 2024

I would say (I may be wrong) that you are much more likely to pull than push with this tool, which makes it reasonable to think that a push might be a mistake.

Whereas git push is more likely and less destructive. And GitHub has a read-only mode...


PanfilovDenis commented on July 23, 2024

@ktaragorn, I solved your problem!
https://gist.github.com/PanfilovDenis/8735df7a49cca6709348

Copy the gist into your shell and use ultra_safe_cap as the cap command. It's really very safe! :D


Jesus commented on July 23, 2024

I agree with @ktaragorn, this tool is often used for pulling the database. In most situations doing a push instead of a pull would have catastrophic consequences.

@IntractableQuery has already added a parameter disallow_pushing to tackle this problem, see commit ae25656. Looks like this has even been released already.

I'd even go further and set that setting to true by default. Otherwise, I guess this issue could be closed.


Jesus commented on July 23, 2024

Looks like @r00k would agree: https://twitter.com/r00k/status/603659635220951040


sibsfinx commented on July 23, 2024

As @Jesus pointed out, for capistrano 3 there's disallow_pushing option.
If you need the same for capistrano 2, check my fork https://github.com/sibsfinx/capistrano-db-tasks/tree/0.2.x
gem 'capistrano-db-tasks', github: 'sibsfinx/capistrano-db-tasks', branch: '0.2.x', require: false


numbata commented on July 23, 2024

close this issue with solution:

if you are highly paranoid and want to prevent any push operation to the server

set :disallow_pushing, true

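The disagreement in this thread over which default is safe, as an added Ruby example that is not capistrano-db-tasks code: it compares an opt-in guard (the proposed db_push_enabled) with an opt-out guard (the released disallow_pushing) when a stage forgets to set either. Stage names, settings hashes and helper names are constructed; it assumes, as the comments imply, that disallow_pushing is off unless set.

```ruby
# Added illustration, not code from the gem. Only the two option names
# come from the thread; everything else here is constructed.

# Opt-out guard: a push goes through unless :disallow_pushing is set.
def push_allowed_opt_out?(settings)
  !settings.fetch(:disallow_pushing, false)
end

# Opt-in guard: a push is refused unless :db_push_enabled is set.
def push_allowed_opt_in?(settings)
  settings.fetch(:db_push_enabled, false) == true
end

# Constructed per-stage overrides. Staging deliberately allows pushes,
# demo forbids them, production sets nothing at all.
STAGES = {
  staging:    { db_push_enabled: true, disallow_pushing: false },
  demo:       { disallow_pushing: true },
  production: {}
}.freeze

# Merge global settings with each stage's overrides (stage wins) and
# return the stages on which a mistyped push would reach the database.
def exposed_stages(global, stages, guard)
  stages.select { |_name, per_stage| send(guard, global.merge(per_stage)) }.keys
end

if __FILE__ == $PROGRAM_NAME
  no_global   = {}
  safe_global = { disallow_pushing: true }

  puts "opt-out, nothing set globally: " \
       "#{exposed_stages(no_global, STAGES, :push_allowed_opt_out?).inspect}"
  puts "opt-in, nothing set globally:  " \
       "#{exposed_stages(no_global, STAGES, :push_allowed_opt_in?).inspect}"
  puts "opt-out, disallow set globally: " \
       "#{exposed_stages(safe_global, STAGES, :push_allowed_opt_out?).inspect}"
end
```

With the opt-out guard, production stays exposed until someone sets disallow_pushing globally; the opt-in guard protects it without any configuration.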
