Hello everyone, I open this thread to discuss about long term development strategy for backup system and database module, that as a developer. - The first problem, which is important point for me. I developed a PostgreSQL database plugin that works perfectly (with backup system), I will pushed and submit soon into repo. I encounter a problem that worries me (it seems current MongoDB database plugin has the same). Currently, user password encryption use password() mysql method, which is a problem for integration of other databases, here is what I propose, keep password passed in clear in database plugins, and delegate encryption by service itself. Of course, this does not affect the encrypted password storage in ispconfig database, as currently. - The second thing I would like to discuss is about management backup/monitor by a single file (actually). This does not prevent actual proper operation, but complicates integration of the new services. I propose a system by directory, as currently operating modules and plugins, but without symlink. What do you think about this two questions I'm evoking?
The password should be stored encrypted in my opinion, off course in a format that matches the encryption of the target database. The password(9 function should be used for MySQL only. So we will have to to adjust the form in the interface in a way that the passord hasing format depends on the database type. This has already been splitted for 3.1, see new internal cron system in the git master branch.
You're right, ispconfig cronjob support multiple file. For password, I agree, always store it encrypted, what I propose is to pass it as clear in plugins, so they can properly attributed passwords.
This would require it to store the password unencrypted in the database as a server plugin on a multiserver system would not be able to alter the cleartext password in the master database. Therefore the interface has to take care to store the password with the right encryption in the database.
Another plausible and correct solution (in terms of data safety) would be to create password crypted fields per service (as currently for MongoDB in master branche) and encrypted before insertion in db, this would impose to create "type" field (like web_database table) in web_database_user table, and encrypt depending of type selected. It also would impose to add sql filter by type in the database create/update user web interface. I think this method would be the most proper way at any point?
