-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dan, et al --
...and then Dan Greene said... % % you could put a shell script as the actual cron job, and make the file only read-able by root, using an environment variable as the password passed (defined in shell script file), so that way even if someone 'sniffs' the process via 'ps -ef' they don't see the actual password (if they happen to catch the setting of the env var that's another story, but _much_ less likely) What, you've never used 'ps aguxwwe' before? Heh. The closest I might come to a better answer is the same sort of scripted setup but to redirect mysql from a file (or a heredoc) containing the password so that it doesn't show up anywhere in ps. But you still have the password right there in the file; that sure sucks! This actually brings up a different question: how can one reliably and securely and yet without human interaction run database queries? I've wondered this for a while, and I think I brought it up on this list some time ago, and there was some talk of X.500 certificates, but I don't recall anything beyond that (including any sort of satisfactory answer). Those of you who store your passwords in the script file for all to see, how do you keep all from seeing them? And those of you who don't, what are you doing to stay secure? And those of you who have a different approach, what is it? TIA & HAND :-D - -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE/skVoGb7uCXufRwARArBEAKDH8Q5XyrR5yDUioU/sn/gambF/ogCg0rhk UlH37CUM00xzAv0sT6iX3Kk= =L1qa -----END PGP SIGNATURE----- -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
