CRM-19223 - bin/encryptDB.php - Completely disable by default

Arguably, it's sufficient to check for administrative privileges... since an administrator can do this kind of damage anyway... but this use-case is so broad, dangerous, and uncommon that it really shouldn't be available unless you take extraordinary measures. It's tempting to remove the file entirely, but some upgrade workflows don't properly handle deleted files, and some users may still want access to this code so that they can run it themselves.

CRM-19223 - bin/encryptDB.php - Completely disable by default
c5d44ae3 · totten · 8db3c914 · c5d44ae3
Commit c5d44ae3 authored 8 years ago by totten
--- a/bin/encryptDB.php
+++ b/bin/encryptDB.php
@@ -25,6 +25,13 @@
 +--------------------------------------------------------------------+
 */

+die("This script is disabled because it is dangerous. If you need it, please duplicate it elsewhere and provide your own secure workflow. This example file will be removed in the future.");
+
+// TIP: If/when we do delete this file, take care to affirmatively check for
+// deletion as part of the status-check infrastructure. Some upgrade workflows
+// don't clear out old files properly, and there's no telling the history
+// of upgrades that have been performed.
+
 /**
 *
 * @package CRM