Re: No MySQL password in ps aux!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, Sep 12, 2011 at 05:37, Devin Reade <gdr@xxxxxxx> wrote:
> Getting back to the original question, it is a feature of mysql (not
> of CentOS per se), but there's nothing that stops other (C) programs
> from doing something similar.  Shortly after startup, a programmer can
> set things up so that command line arguments (or in this case one of
> them) is hidden from anyone from viewing the process table.
>
> However, even using this mechanism there is a window where, if someone
> looks at the process table at the right time, they will see the password
> in cleartext.
>
> So, despite the mysql programmers trying to minimize the chance of
> leaking the password it is still a risk and so the advice others have
> given about -p (without the password) and .my.cnf is still the best
> option.
>

Thanks. I did not realize that this window of opportunity exists.
Considering the circumstances, I think that it is a fair tradeoff.

Thank you for the information!

-- 
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux