[
https://issues.apache.org/jira/browse/OFBIZ-13294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18023149#comment-18023149
]
Carsten Schinzer commented on OFBIZ-13294:
------------------------------------------
There is also a permission issue with the default postgres-entityengine.xml,
the starting user has no permission to edit it.
Maybe that will also be reviewed.
> Docker extension discloses passwords in sed command
> ---------------------------------------------------
>
> Key: OFBIZ-13294
> URL: https://issues.apache.org/jira/browse/OFBIZ-13294
> Project: OFBiz
> Issue Type: Bug
> Components: Docker
> Affects Versions: 24.09.02
> Reporter: Carsten Schinzer
> Assignee: Carsten Schinzer
> Priority: Major
>
> The entrypoint script discloses database passwords when being executed on the
> Container log in method {{configure_database().}}
> I consider this a security breach and would suggest to fix the behaviour to
> have the sed command silenced.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
