View Issue Details

ID: 0000137
Project: bman
Category: General
View Status: public
Last Update: 2014-09-24 19:36
Reporter: abdel-mawla
Assigned To: oli
Priority: low
Severity: feature
Reproducibility: always
Status: assigned
Resolution: open
Platform: Linux
OS: Centos
OS Version: 6.x
Target Version: 1.2.0
Summary: 0000137: Implementing the use of mysql_config_editor in mysql_bman
Description: Although mysql_bman has a config option which can be used to store all options in a config file instead of providing them on the command line, the mysql password is not encrypted in this file and could be hacked.
Yes, the password option is hidden when printing the used mysqldump command:

/opt/mysql-5.6.17/bin/mysqldump --user=tmp --host=127.0.0.1 --port=3306 --master-data=2 --single-transaction --flush-logs --triggers --routines --databases deadlock foodmart generatedata partitions_test sbtest sql_test test zabbix --events
  to Destination: ./bck/daily/bck_schema_2014-04-03_14-59-38.sql
Warning: Using a password on the command line interface can be insecure.

But it could be read very easily by executing the following command during the backup process:

ps auxf|grep mysqldump

Also, all the contents of the config file are printed without encryption:

 mysql_bman --config=test.conf

Configuration from test.conf
  policy = daily
  target = tmp/s3cret@127.0.0.1:3306
  type = schema
  schema = -mysql
  policy = daily
  no-compress = on
Configuration from command line options
  config = test.conf
Resulting options
  config = test.conf
  policy = daily
  target = tmp:******@127.0.0.1:3306
  type = schema
  schema = -mysql
  no-compress = on
  log = ./mysql_bman.log
  backupdir = ./bck
  mode = logical
Logging to ./mysql_bman.log
Backupdir is ./bck

If mysql_bman could be configured to use mysql_config_editor it would be more secure.
Tags: No tags attached.
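
The exposure described in this issue and one way around it, as an added example that is not part of the original report or of mysql_bman: the credentials go into a 0600 option file passed with --defaults-extra-file, so ps shows only a path. The account values, the bman-client temp-file name and the MYSQLDUMP override variable are constructed for illustration.

```shell
#!/bin/sh
# Added example, not mysql_bman code. Account values are constructed.

# Return 0 if any argument would put a MySQL password into the process list
# (--password=VALUE or -pVALUE); a bare --password or -p prompts instead.
argv_exposes_password() {
  for arg in "$@"; do
    case $arg in
      --password=?*|-p?*) return 0 ;;
    esac
  done
  return 1
}

# Write credentials to a private (0600) option file and print its path.
# Assumption: the password contains no double quote or backslash.
write_client_cnf() {  # usage: write_client_cnf USER PASSWORD HOST PORT
  (
    umask 077
    cnf=$(mktemp "${TMPDIR:-/tmp}/bman-client.XXXXXX") || exit 1
    printf '[client]\nuser=%s\npassword="%s"\nhost=%s\nport=%s\n' \
      "$1" "$2" "$3" "$4" > "$cnf"
    printf '%s\n' "$cnf"
  )
}

# Run mysqldump with the option file. --defaults-extra-file must be the first
# option. MYSQLDUMP (hypothetical override) lets a dry run substitute echo.
run_dump() {  # usage: run_dump CNF_PATH DATABASE...
  cnf_path=$1; shift
  "${MYSQLDUMP:-mysqldump}" "--defaults-extra-file=$cnf_path" \
    --single-transaction --triggers --routines --events --databases "$@"
}

# Dry run with constructed values; nothing connects to a server.
argv_exposes_password mysqldump --user=tmp --password=example-pw test \
  && echo "insecure form: password readable via ps"
demo_cnf=$(write_client_cnf tmp example-pw 127.0.0.1 3306) || exit 1
echo "hardened form: mysqldump $(MYSQLDUMP=echo run_dump "$demo_cnf" test zabbix)"
rm -f -- "$demo_cnf"
```

With mysql_config_editor the argv has the same shape: the credentials are stored once under a login path and --login-path=NAME is passed as the first option. The resulting ~/.mylogin.cnf is obfuscated rather than strongly encrypted, so its file permissions still matter.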

Activities

oli

2014-08-06 21:34

developer   ~0000130

Password is not exposed any more. mysql_config_editor is postponed for later.

Issue History

Date Modified Username Field Change
2014-04-03 15:10 abdel-mawla New Issue
2014-04-03 15:10 abdel-mawla Status new => assigned
2014-04-03 15:10 abdel-mawla Assigned To => oli
2014-08-06 21:34 oli Note Added: 0000130
2014-08-06 21:34 oli Target Version 1.0.3 => 1.2.0
2014-09-24 19:36 administrator Project mysql_bman => bman