-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, all!
I would like to dump my mysql databases to cold files for separate backups; we're too cheap to buy the database agent that will do it live. I started with mysqldump --user=root --password=showtheworld --all-databases > ... as I've seen in numerous scripts posted to this list, but of course that shows the world my DB root password if you happen to run top at the right time (or are the adventurous type who might run a script to, say, look for and log any mysql commands). My next step was to <create dumpster user with no password> grant select on *.* to dumpster@localhost so that I can run mysqldump --user=dumpster --all-databases > ... and at least protect all of my writing privs -- but now the DB id of a user that can obviously read every bit of data in there is also exposed. What I need is a way to connect to the database from a cron job without exposing the password in the environment. What amazes me is that even confidential databases at large companies are accessed through scripts with the passwords embedded -- and the scripts are often world-readable! Is there anything analagous to an ssh key pair so that only an OS user connecting with the DB id private key can get in to do the select and run the mysqldump? Or am I barking up the wrong tree and should I instead do something else to cleanly and securely back up the databases? TIA & HAND :-D - -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" http://www.justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9vUEvGb7uCXufRwARAhD4AKDj+BMcS2bUtfTnMNd7mF4tPKBX5wCgv+wF ijDeFAYEEH//YbW5qsExAmY= =Y+bQ -----END PGP SIGNATURE----- --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
