File: 45_warn-CLI-passwords.dpatch

mysql-dfsg-5.0 5.0.32-7etch12
#! /bin/sh /usr/share/dpatch/dpatch-run
## 45_warn-CLI-passwords.dpatch by  <ch@debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: warn-CLI-passwords

@DPATCH@

--- old/client/mysqladmin.cc.orig	2005-11-15 01:12:30.000000000 +0100
+++ new/client/mysqladmin.cc	2005-11-22 00:17:41.327082273 +0100
@@ -154,7 +154,7 @@
   {"host", 'h', "Connect to host.", (gptr*) &host, (gptr*) &host, 0, GET_STR,
    REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
   {"password", 'p',
-   "Password to use when connecting to server. If password is not given it's asked from the tty.",
+   "Password to use when connecting to server. If password is not given it's asked from the tty. WARNING: Providing a password on command line is insecure as it is visible through /proc to anyone for a short time.",
    0, 0, 0, GET_STR, OPT_ARG, 0, 0, 0, 0, 0, 0},
 #ifdef __WIN__
   {"pipe", 'W', "Use named pipes to connect to server.", 0, 0, 0, GET_NO_ARG,
--- old/client/mysql.cc.orig	2005-11-15 01:12:45.000000000 +0100
+++ new/client/mysql.cc	2005-11-22 00:17:41.329082230 +0100
@@ -621,7 +621,7 @@
    0, 0, 0, GET_STR, OPT_ARG, 0, 0, 0, 0, 0, 0},
 #endif
   {"password", 'p',
-   "Password to use when connecting to server. If password is not given it's asked from the tty.",
+   "Password to use when connecting to server. If password is not given it's asked from the tty. WARNING: This is insecure as the password is visible for anyone through /proc for a short time.",
    0, 0, 0, GET_STR, OPT_ARG, 0, 0, 0, 0, 0, 0},
 #ifdef __WIN__
   {"pipe", 'W', "Use named pipes to connect to server.", 0, 0, 0, GET_NO_ARG,
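Review bot: The added sentence in the `--password` help text opens with "WARNING: This is insecure", and "This" directly follows "it's asked from the tty", so it reads as if the tty prompt were the insecure path rather than the command-line value. The other client hunks in this patch (mysqladmin.cc, mysqldump.c, mysqlshow.c) name the risky action explicitly, and I would use the same sentence here: `WARNING: Providing a password on command line is insecure as it is visible through /proc to anyone for a short time.` The option table this entry belongs to starts and ends outside the hunk.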
--- old/client/mysqldump.c.orig	2005-11-15 01:12:38.000000000 +0100
+++ new/client/mysqldump.c	2005-11-22 00:17:41.332082165 +0100
@@ -323,7 +323,7 @@
    "Sorts each table's rows by primary key, or first unique key, if such a key exists.  Useful when dumping a MyISAM table to be loaded into an InnoDB table, but will make the dump itself take considerably longer.",
    (gptr*) &opt_order_by_primary, (gptr*) &opt_order_by_primary, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},
   {"password", 'p',
-   "Password to use when connecting to server. If password is not given it's solicited on the tty.",
+   "Password to use when connecting to server. If password is not given it's solicited on the tty. WARNING: Providing a password on command line is insecure as it is visible through /proc to anyone for a short time.",
    0, 0, 0, GET_STR, OPT_ARG, 0, 0, 0, 0, 0, 0},
 #ifdef __WIN__
   {"pipe", 'W', "Use named pipes to connect to server.", 0, 0, 0, GET_NO_ARG,
--- old/client/mysqlshow.c.orig	2005-11-15 01:12:47.000000000 +0100
+++ new/client/mysqlshow.c	2005-11-22 00:17:41.333082144 +0100
@@ -185,7 +185,7 @@
   {"keys", 'k', "Show keys for table.", (gptr*) &opt_show_keys,
    (gptr*) &opt_show_keys, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},
   {"password", 'p',
-   "Password to use when connecting to server. If password is not given it's asked from the tty.",
+   "Password to use when connecting to server. If password is not given it's asked from the tty. WARNING: Providing a password on command line is insecure as it is visible through /proc to anyone for a short time.", 
    0, 0, 0, GET_STR, OPT_ARG, 0, 0, 0, 0, 0, 0},
   {"port", 'P', "Port number to use for connection.", (gptr*) &opt_mysql_port,
    (gptr*) &opt_mysql_port, 0, GET_UINT, REQUIRED_ARG, MYSQL_PORT, 0, 0, 0, 0,
--- old/scripts/mysqlaccess.sh.orig	2005-11-15 01:12:32.000000000 +0100
+++ new/scripts/mysqlaccess.sh	2005-11-22 00:17:41.352081736 +0100
@@ -74,11 +74,17 @@
 
   -u, --user=#         username for logging in to the db
   -p, --password=#     validate password for user
+                       WARNING: Providing a password on command line is
+                       insecure as it is visible through /proc to anyone
+                       for a short time.
   -h, --host=#         name or IP-number of the host
   -d, --db=#           name of the database
 
   -U, --superuser=#    connect as superuser
   -P, --spassword=#    password for superuser
+                       WARNING: Providing a password on command line is
+                       insecure as it is visible through /proc to anyone
+                       for a short time.
   -H, --rhost=#        remote MySQL-server to connect to
       --old_server     connect to old MySQL-server (before v3.21) which 
                        does not yet know how to handle full where clauses.
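Review bot: "for a short time" in the two added warnings (for `--password` and `--spassword`) understates the exposure unless this script overwrites its own argument vector after parsing, which nothing in the hunk shows. For an interpreted script, the value normally stays readable in the process's command line for as long as the script runs. I would drop the time qualifier in the script help texts: `WARNING: Providing a password on command line is insecure as it is visible through /proc to anyone.` The same wording is added to mysql_convert_table_format.sh, mysql_explain_log.sh, mysqlhotcopy.sh, mysql_setpermission.sh and mysql_tableinfo.sh, so the point applies there too.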
--- old/scripts/mysql_convert_table_format.sh.orig	2005-11-15 01:12:45.000000000 +0100
+++ new/scripts/mysql_convert_table_format.sh	2005-11-22 00:17:41.353081714 +0100
@@ -107,6 +107,8 @@
 
 --password='password'
   Password for the current user.
+  WARNING: Providing a password on command line is insecure as it is visible
+  through /proc to anyone for a short time.
 
 --port=port
   TCP/IP port to connect to if host is not "localhost".
--- old/scripts/mysqld_multi.sh.orig	2005-11-15 01:12:46.000000000 +0100
+++ new/scripts/mysqld_multi.sh	2005-11-22 00:17:41.355081671 +0100
@@ -730,6 +730,9 @@
 mysqladmin = /path/to/mysqladmin/mysqladmin
 socket     = /tmp/mysql.sock3
 port       = 3308
+                   WARNING: Providing a password on command line is
+                   insecure as it is visible through /proc to anyone
+                   for a short time.
 pid-file   = @localstatedir@3/hostname.pid3
 datadir    = @localstatedir@3
 language   = @datadir@/mysql/swedish
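Review bot: The three added WARNING lines sit between `port       = 3308` and `pid-file   = @localstatedir@3/hostname.pid3`, in what looks like a sample option-file section, and no password setting appears anywhere in the hunk. They are not `key = value` lines and carry no comment marker, so anyone copying the example gets lines an option-file parser would probably reject, and the warning is detached from the option it describes. I would move it next to the password option in the script's usage text, or, if it has to stay in the example, prefix each line with `#`. The example text starts and ends outside the hunk.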
--- old/scripts/mysql_explain_log.sh.orig	2005-11-15 01:12:31.000000000 +0100
+++ new/scripts/mysql_explain_log.sh	2005-11-22 00:17:41.356081650 +0100
@@ -314,6 +314,9 @@
 --user=USERNAME     db-user
 -u=USERNAME
 --password=PASSWORD password of db-user
+                    WARNING: Providing a password on command line is
+                    insecure as it is visible through /proc to anyone
+                    for a short time.
 -p=PASSWORD
 --socket=SOCKET     mysqld socket file to connect
 -s=SOCKET
@@ -348,7 +351,7 @@
 
 =head1 USAGE
 
-mysql_explain_log [--date=YYMMDD] --host=dbhost] [--user=dbuser] [--password=dbpw] [--socket=/path/to/socket] < logfile
+mysql_explain_log [--date=YYMMDD] --host=dbhost] [--user=dbuser] [--password=dbpw (INSECURE)] [--socket=/path/to/socket] < logfile
 
 --date=YYMMDD       select only entrys of date
 
@@ -363,7 +366,8 @@
 -u=USERNAME
 
 --password=PASSWORD password of db-user
-
+                    WARNING: Providing a password on command line is insecure
+                    as it is visible through /proc to anyone for a short time.
 -p=PASSWORD
 
 --socket=SOCKET     change path to the socket
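Review bot: `-p=PASSWORD` loses its own paragraph here, because the two warning lines replace the blank line that separated it from `--password=PASSWORD password of db-user`. This text comes after `=head1 USAGE`, so it appears to be POD, where only a blank line ends a paragraph. Rendered, the description, the warning and `-p=PASSWORD` would then flow together into one block. Keep an empty line after the warning so that `-p=PASSWORD` remains a separate entry, as `-u=USERNAME` is above.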
--- old/scripts/mysql_fix_privilege_tables.sh.orig	2005-11-15 01:12:47.000000000 +0100
+++ new/scripts/mysql_fix_privilege_tables.sh	2005-11-22 00:17:41.357081628 +0100
@@ -33,6 +33,10 @@
 
 case "$1" in
     --no-defaults|--defaults-file=*|--defaults-extra-file=*)
+#
+# WARNING: Providing a password on command line is insecure as it is visible
+# through /proc to anyone for a short time.
+#
       defaults="$1"; shift
       ;;
 esac
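Review bot: The warning is added as a shell comment inside the `--no-defaults|--defaults-file=*|--defaults-extra-file=*)` arm, so the person running the script never sees it, and it sits on the branch that handles defaults files rather than the password. If the intent is to warn users, it belongs in the usage or help output next to the `--password` option. As a note for maintainers, it should sit above the code that reads the password argument, which is outside this hunk.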
--- old/scripts/mysqlhotcopy.sh.orig	2005-11-15 01:12:47.000000000 +0100
+++ new/scripts/mysqlhotcopy.sh	2005-11-22 00:17:41.358081607 +0100
@@ -32,6 +32,7 @@
 
   mysqlhotcopy --method='scp -Bq -i /usr/home/foo/.ssh/identity' --user=root --password=secretpassword \
          db_1./^nice_table/ user@some.system.dom:~/path/to/new_directory
+  (INSECURE)
 
 WARNING: THIS PROGRAM IS STILL IN BETA. Comments/patches welcome.
 
@@ -53,6 +54,9 @@
   -u, --user=#         user for database login if not current user
   -p, --password=#     password to use when connecting to server (if not set
                        in my.cnf, which is recommended)
+                       WARNING: Providing a password on command line is
+                       insecure as it is visible through /proc to anyone
+                       for a short time.
   -h, --host=#         Hostname for local server when connecting over TCP/IP
   -P, --port=#         port to use when connecting to local server with TCP/IP
   -S, --socket=#       socket to use when connecting to local server
@@ -1025,6 +1029,9 @@
 one of the config files, normally /etc/my.cnf or your personal ~/.my.cnf.
 (See the chapter 'my.cnf Option Files' in the manual)
 
+WARNING: Providing a password on command line is insecure as it is visible
+through /proc to anyone for a short time.
+
 =item -h, -h, --host=#
 
 Hostname for local server when connecting over TCP/IP.  By specifying this
--- old/scripts/mysql_setpermission.sh.orig	2005-11-15 01:12:30.000000000 +0100
+++ new/scripts/mysql_setpermission.sh	2005-11-22 00:17:41.359081585 +0100
@@ -647,6 +647,9 @@
 
 --user		: is the username to connect with.
 --password	: the password of the username.
+                  WARNING: Providing a password on command line is
+                  insecure as it is visible through /proc to anyone
+                  for a short time.
 --host		: the host to connect to.
 --socket	: the socket to connect to.
 --port		: the port number of the host to connect to.
--- old/scripts/mysql_tableinfo.sh.orig	2005-11-15 01:12:32.000000000 +0100
+++ new/scripts/mysql_tableinfo.sh	2005-11-22 00:17:41.360081564 +0100
@@ -462,6 +462,8 @@
 =item -p, --password=#     
 
 password to use when connecting to server
+WARNING: Providing a password on command line is insecure as it is visible
+through /proc to anyone for a short time.
 
 =item -h, --host=#     
 
--- old/man/mysql.1.orig	2005-11-14 19:20:56.000000000 +0100
+++ new/man/mysql.1	2005-11-22 00:24:20.664501909 +0100
@@ -235,8 +236,8 @@
 the section called \(lq\\FBMYSQL\\FR COMMANDS\(rq.
 .TP
 \(bu
-\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB]\fR,
-\fB\-p[\fR\fB\fIpassword\fR\fR\fB]\fR
+\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR,
+\fB\-p[\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR
 .sp
 The password to use when connecting to the server. If you use the short option form (\fB\-p\fR), you
 \fIcannot\fR
--- old/man/mysqlaccess.1.orig	2005-11-14 19:20:56.000000000 +0100
+++ new/man/mysqlaccess.1	2005-11-22 00:26:35.936574563 +0100
@@ -95,8 +95,8 @@
 clauses.
 .TP
 \(bu
-\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB]\fR,
-\fB\-p[\fR\fB\fIpassword\fR\fR\fB]\fR
+\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR,
+\fB\-p[\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR
 .sp
 The password to use when connecting to the server. If you omit the
 \fIpassword\fR
@@ -133,8 +134,8 @@
 Undo the most recent changes to the temporary grant tables.
 .TP
 \(bu
-\fB\-\-spassword[=\fR\fB\fIpassword\fR\fR\fB]\fR,
-\fB\-P[\fR\fB\fIpassword\fR\fR\fB]\fR
+\fB\-\-spassword[=\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR,
+\fB\-P[\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR
 .sp
 The password to use when connecting to the server as the superuser. If you omit the
 \fIpassword\fR
--- old/man/mysqladmin.1.orig	2005-11-14 19:20:56.000000000 +0100
+++ new/man/mysqladmin.1	2005-11-22 00:27:59.937759146 +0100
@@ -313,8 +313,8 @@
 Connect to the MySQL server on the given host.
 .TP
 \(bu
-\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB]\fR,
-\fB\-p[\fR\fB\fIpassword\fR\fR\fB]\fR
+\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR,
+\fB\-p[\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR
 .sp
 The password to use when connecting to the server. If you use the short option form (\fB\-p\fR), you
 \fIcannot\fR
--- old/man/mysqld_multi.1.orig	2005-11-14 19:20:56.000000000 +0100
+++ new/man/mysqld_multi.1	2005-11-22 00:29:16.837157196 +0100
@@ -43,6 +43,7 @@
 .nf
 shell> \fBmysqld_multi [\fR\fB\fIoptions\fR\fR\fB] {start|stop|report} [\fR\fB\fIGNR\fR\fR\fB[,\fR\fB\fIGNR\fR\fR\fB] ...]\fR
 .fi
+WARNING: Providing a password on command line is insecure as it is visible through /proc to anyone for a short time.
 .RE
 .PP
 start,
@@ -158,7 +159,7 @@
 Print log information to stdout rather than to the log file. By default, output goes to the log file.
 .TP
 \(bu
-\fB\-\-password=\fR\fB\fIpassword\fR\fR
+\fB\-\-password=\fR\fB\fIpassword\fR\fR\ (INSECURE)
 .sp
 The password of the MySQL account to use when invoking
 \fBmysqladmin\fR. Note that the password value is not optional for this option, unlike for other MySQL programs.
--- old/man/mysqldump.1.orig	2005-11-14 19:20:56.000000000 +0100
+++ new/man/mysqldump.1	2005-11-22 00:30:11.533015718 +0100
@@ -401,8 +402,8 @@
 \fB\-\-skip\-quick\fR.
 .TP
 \(bu
-\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB]\fR,
-\fB\-p[\fR\fB\fIpassword\fR\fR\fB]\fR
+\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR,
+\fB\-p[\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR
 .sp
 The password to use when connecting to the server. If you use the short option form (\fB\-p\fR), you
 \fIcannot\fR
--- old/man/mysql_fix_privilege_tables.1.orig	2005-11-14 19:20:56.000000000 +0100
+++ new/man/mysql_fix_privilege_tables.1	2005-11-22 00:31:24.831483491 +0100
@@ -11,7 +11,9 @@
 mysql_fix_privilege_tables \- upgrade MySQL system tables
 .SH "SYNOPSIS"
 .HP 52
-\fBmysql_fix_privilege_tables \-\-password=\fR\fB\fIroot_password\fR\fR
+\fBmysql_fix_privilege_tables \-\-password=\fR\fB\fIroot_password\fR\fR\ (INSECURE)
+.PP
+WARNING: Providing a password on command line is insecure as it is visible through /proc to anyone for a short time.
 .SH "DESCRIPTION"
 .PP
 Some releases of MySQL introduce changes to the structure of the system tables in the
--- old/man/mysqlshow.1.orig	2005-11-14 19:20:56.000000000 +0100
+++ new/man/mysqlshow.1	2005-11-22 00:32:05.535631432 +0100
@@ -100,8 +101,8 @@
 Show table indexes.
 .TP
 \(bu
-\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB]\fR,
-\fB\-p[\fR\fB\fIpassword\fR\fR\fB]\fR
+\fB\-\-password[=\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR,
+\fB\-p[\fR\fB\fIpassword\fR\fR\fB\ (INSECURE)]\fR
 .sp
 The password to use when connecting to the server. If you use the short option form (\fB\-p\fR), you
 \fIcannot\fR