Michael Stassen wrote:
Ehrwin Mina wrote:
Jeff,
You can make a shell script or a php script or a perl script by that
way you can hide the commands you need to execute.
eg.
Make a shell script (myshell.sh)
#!/bin/sh
myuser=dbuser
mypasswd=dbpassword
mydb=dbname
myhost=localhost
myport=3306
db1=mysql -u$myuser -pmypasswd -Dmydb -h$myhost -P$myport
echo "repair table employee" | $db1
echo "unlock table " | $db1
exit
This is no more secure, as it still puts the password on the command
line. Your script amounts to
echo "repair table employee" | mysql -udbuser -pdbpassword -Ddbname
-hlocalhost -P3306
echo "unlock table " | mysql -udbuser -pdbpassword -Ddbname -hlocalhost
-P3306
The password is on the command line of the commands issued by the
script, so it can be seen with ps.
That isn't true. If you make a ps, you will see something like "mysql -p
x xxxxxxxx ................".
As I said before, you can use something like:
"mysql -uUser --password=`cat password_file` db"
See http://lists.mysql.com/mysql/186720.
But ensure that the password_file has access restrictions like
-r--------, so that only the owner can read it.
The solution is to put the password in an option file (usually .my.cnf)
instead. The client, mysql, will read the password from the option
file, without making it available to ps.
Michael
--
Nuno Pereira
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
