>Description:
The mysqlhotcopy manpage suggests giving the password via the command
line option '--password'. This is highly insecure as every system user
is able to read it.
>How-To-Repeat:
RTFM ;-)
>Fix:
Please apply the following patch:
--- mysql-dfsg-3.23.54a/scripts/mysqlhotcopy.sh.orig 2002-12-23 17:06:18.000000000
+0100
+++ mysql-dfsg-3.23.54a/scripts/mysqlhotcopy.sh 2002-12-23 17:18:06.000000000 +0100
@@ -49,7 +49,8 @@
-?, --help display this helpscreen and exit
-u, --user=# user for database login if not current user
- -p, --password=# password to use when connecting to server
+ -p, --password=# password to use when connecting to server if not set
+ in e.g. ~/.my.cnf
-h, --host=# Hostname for local server when connecting over TCP/IP
-P, --port=# port to use when connecting to local server with TCP/IP
-S, --socket=# socket to use when connecting to local server
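Review bot: The new usage text for -p ("if not set in e.g. ~/.my.cnf") says where else the password can come from but not why that matters, so a reader of --help alone still gets no hint that the command-line form is risky. Consider a short pointer such as "(visible to other users; prefer an option file)". It would also help to name the '[mysqlhotcopy]' section here, as the POD hunk does, so the two texts agree.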
@@ -893,7 +894,11 @@
=item -p, --password=#
-password to use when connecting to server
+password to use when connecting to server. Note that you are strongly encouraged
+*not* to use this option as every user would be able to see the password in the
+process list. Instead use the '[mysqlhotcopy]' section in one of the config
+files, normally /etc/mysql/my.cnf or your personal ~/.my.cnf.
+(See manual '4.1.2 my.cnf Option Files')
=item -h, -h, --host=#
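Review bot: The sentence "Instead use the '[mysqlhotcopy]' section in one of the config files" should also say that the file holding the password must be readable only by its owner, because a world-readable /etc/mysql/my.cnf or ~/.my.cnf exposes the password just as the process list does. Two smaller points: "process list" could be read as the server's own process list, so "system process list (ps)" would be clearer, and "*not*" will appear with literal asterisks in the rendered manpage, where POD emphasis would be B<not>.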
>Submitter-Id: <submitter ID>
>Originator: Christian Hammers
>Organization:
The Debian Project
>MySQL support: none
>Synopsis: mysqlhotcopy manpage suggests --password instead of ~/.my.cnf
>Severity: non-critical
>Priority: low
>Category: mysql
>Class: doc-bug
>Release: mysql-4.0.6-gamma (Source distribution)
>Environment:
System: Linux app109 2.4.20-app109-1 #4 Thu Dec 5 21:44:44 CET 2002 i686 unknown
unknown GNU/Linux
Architecture: i686
Some paths: /usr/bin/perl /usr/bin/make /usr/local/bin/gmake /usr/bin/gcc /usr/bin/cc
GCC: Reading specs from /usr/lib/gcc-lib/i386-linux/2.95.4/specs
gcc version 2.95.4 20011002 (Debian prerelease)
Compilation info: CC='gcc' CFLAGS='' CXX='g++' CXXFLAGS='' LDFLAGS='' ASFLAGS=''
LIBC:
lrwxrwxrwx 1 root root 13 2002-11-20 02:56 /lib/libc.so.6 ->
libc-2.3.1.so
-rwxr-xr-x 1 root root 1109068 2002-11-19 19:13 /lib/libc-2.3.1.so
-rw-r--r-- 1 root root 2344038 2002-11-19 19:14 /usr/lib/libc.a
-rw-r--r-- 1 root root 178 2002-11-19 19:14 /usr/lib/libc.so
-rw-r--r-- 1 root root 716080 2002-01-13 21:06
/usr/lib/libc-client.so.2001
Configure command: ./configure '--prefix=/usr' '--exec-prefix=/usr'
'--libexecdir=/usr/sbin' '--datadir=/usr/share' '--sysconfdir=/etc/mysql'
'--localstatedir=/var/lib/mysql' '--includedir=/usr/include'
'--infodir=/usr/share/info' '--mandir=/usr/share/man' '--enable-shared'
'--enable-static' '--enable-thread-safe-client' '--enable-assembler'
'--enable-local-infile' '--with-raid'
'--with-unix-socket-path=/var/run/mysqld/mysqld.sock' '--with-mysqld-user=mysql'
'--with-libwrap' '--with-client-ldflags=-lstdc++' '--with-embedded-server'
'--with-vio' '--with-openssl' '--without-docs' '--without-bench' '--without-readline'
'--with-extra-charsets=all' '--with-berkeley-db' '--with-innodb'
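
A defensive check for the exposure this report describes, as an added example that is not part of the original message or of the MySQL sources: it audits process command lines for an inline `--password=VALUE` or `-pVALUE` and reports them with the value redacted. The tool list, the function names and the choice to cover only the inline forms shown in the usage text are assumptions of this example.

```python
import os
import re

# Tools to audit; the set is an assumption, extend it for your hosts.
MYSQL_TOOLS = {"mysql", "mysqldump", "mysqladmin", "mysqlhotcopy"}
# Inline forms from the usage text: --password=VALUE and -pVALUE.
PASSWORD_ARG = re.compile(r"^(--password=|-p)(.+)$", re.S)

def split_cmdline(raw):
    """Split a /proc/<pid>/cmdline buffer (NUL-separated argv)."""
    return [a.decode("utf-8", "replace") for a in raw.split(b"\0") if a]

def audit_argv(argv):
    """Return (tool, redacted argv) if a password is visible, else None."""
    # mysqlhotcopy is a Perl script, so the tool name may follow the
    # interpreter; only arguments after the tool name are inspected.
    for i, arg in enumerate(argv):
        tool = os.path.basename(arg)
        if tool in MYSQL_TOOLS:
            break
    else:
        return None
    redacted, hit = list(argv), False
    for j in range(i + 1, len(argv)):
        m = PASSWORD_ARG.match(argv[j])
        if m:
            redacted[j] = m.group(1) + "***"  # never echo the secret
            hit = True
    return (tool, redacted) if hit else None

def scan_proc(proc="/proc"):
    """Audit every readable process; returns [(pid, tool, redacted argv)]."""
    findings = []
    if not os.path.isdir(proc):  # no procfs on this system
        return findings
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(os.path.join(proc, pid, "cmdline"), "rb") as fh:
                result = audit_argv(split_cmdline(fh.read()))
        except OSError:  # process exited or access denied
            continue
        if result:
            findings.append((int(pid), *result))
    return findings

if __name__ == "__main__":
    for pid, tool, argv in scan_proc():
        print(pid, tool, " ".join(argv))
```

Run periodically from an account that can read other users' `/proc` entries, the findings identify jobs that should move their credentials into an option file.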