[Gluster-infra] Small security gotcha with www.gluster.org and sql files... ; )

Justin Clift justin at gluster.org
Tue Oct 14 19:30:35 UTC 2014

Was just looking around the web root of www.gluster.org a few minutes
ago, and noticed a few worrying new files (9th October 2014) there:

  * file.sql
  * mysqldump.sql

Please don't do that. ;)

SQL database dumps can have all kinds of sensitive data in them, so
shouldn't ever be in the web root (a publicly accessibly location)
without effective controls around them.

I've moved them into a non-public location in my home dir in case
they're still needed:


Note - Looking through the Varnish logs on the server, no-one has
attempted to download them so this isn't a biggie.  Live and learn
thing. ;)

Regards and best wishes,

Justin Clift

GlusterFS - http://www.gluster.org

An open source, distributed file system scaling to several
petabytes, and handling thousands of clients.

My personal twitter: twitter.com/realjustinclift

More information about the Gluster-infra mailing list