At 09:49 PM 7/29/2005, Nuno Pereira wrote:
Michael Stassen wrote:
Ehrwin Mina wrote:
Jeff,
You can make a shell script or a php script or a perl script by that way
you can hide the commands you need to execute.
eg.
Make a shell script (myshell.sh)
#!/bin/sh
myuser=dbuser
mypasswd=dbpassword
mydb=dbname
myhost=localhost
myport=3306
db1=mysql -u$myuser -pmypasswd -Dmydb -h$myhost -P$myport
echo "repair table employee" | $db1
echo "unlock table " | $db1
exit
This is no more secure, as it still puts the password on the command
line. Your script amounts to
echo "repair table employee" | mysql -udbuser -pdbpassword -Ddbname
-hlocalhost -P3306
echo "unlock table " | mysql -udbuser -pdbpassword -Ddbname -hlocalhost
-P3306
The password is on the command line of the commands issued by the script,
so it can be seen with ps.
That isn't true. If you make a ps, you will see something like "mysql -p x
xxxxxxxx ................".
As I said before, you can use something like:
"mysql -uUser --password=`cat password_file` db"
See http://lists.mysql.com/mysql/186720.
But ensure that the password_file has access restrictions like -r--------,
so that only the owner can read it.
The solution is to put the password in an option file (usually .my.cnf)
instead. The client, mysql, will read the password from the option file,
without making it available to ps.
Michael
--
Nuno Pereira
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
FYI,
Nuno is correct you cannot see the password in the 'ps' and my scripts is
just an example you can modify it for more security like putting it a
config file or much better if you can use perl. Don't forget the user
privileges only.
Thanks,
Ehrwin C. Mina
9/F Tower 2
RCBC Plaza
6819 Ayala Avenue cor. Sen. Gil J. Puyat Avenue
Makati City 1200 Philippines
Cell (63 918) 930 4383
(63 917) 845 2102
Tel (63 2) 757 2630/32
Fax (63 2) 757 2633
Email [EMAIL PROTECTED]
Web www.chikka.com
This message and any attachment are confidential and may be privileged or
otherwise protected from disclosure. If you are not the intended recipient,
you must not copy this message or attachment or disclose the contents to
any other person. If you have received this transmission in error, please
notify the sender immediately and delete the message and any attachment
from your system. Chikka does not accept liability for any omissions or
errors in this message which may arise as a result of E-Mail-transmission
or for damages resulting from any unauthorized changes of the content of
this message and any attachment thereto. Chikka does not guarantee that
this message is free of viruses and does not accept liability for any
damages caused by any virus transmitted therewith.
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
