Password passed on the command line is shown in process list / bash history
Bug #1028829 reported by
Piotr Kilczuk
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| MySQL Data Dumper |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Originally reported as: https:/
I'm just pasting as this issue stops me from using this promising project.
Hi,
I'm new to mydumper and think it's a great tool, but what worries me is that the password for the account used to create the export is shown in the process list.
I can live with the fact that I have to provide the password at the command-line, but showing the password in the processlist is a big security risk as all users on a normal Linux machine can see all processes... and thus see a username/password combination which they can use to login at MySQL...
Is there any way to secure this in mydumper?
Michel
Revision history for this message
| Domas Mituzas (domas-mituzas) wrote | #1 |
Revision history for this message
| HighKing (esz-ei6h3l-n1h) wrote | #2 |
Revision history for this message
| Piotr Kilczuk (p-kilczuk) wrote | #3 |
Revision history for this message
| Domas Mituzas (domas-mituzas) wrote Re: [Bug 1028829] Re: Password passed on the command line is shown in process list / bash history | #4 |
Revision history for this message
| Dmitry Ilyin (idv1985) wrote | #5 |
Revision history for this message
| rat (szczur-i) wrote | #6 |
Revision history for this message
| rat (szczur-i) wrote | #7 |
| Changed in mydumper: | |
| status: | New → Confirmed |
Revision history for this message
| Max Bubenick (max-bubenick) wrote | #8 |
To post a comment you must log in.
It should be able to read your ~/.my.cnf ([client] and [mydumper] groups probably, I'm not sure if I actually implemented :)