Comment 4 for bug 1343657

This doesn't look like a very practical vulnerability (since you need to be root to insert a malicious command in the sql connectionstring), so I'm leaning towards opening this bug, get it fixed in public in the future versions onf trove, and not issue a security advisory about it.

Adding OSSG to get their opinion on it