
Re: exposing passwords in command line



Brian May <bam@debian.org> writes:

> >>>>> "Jaakko" == Jaakko Niemi <liiwi@debian.org> writes:
> 
>     Jaakko>  This is not that easily fixed in wwwconfig-common. It
>     Jaakko> might be better for some packages to move the database
>     Jaakko> configuration to a separate script that the admin would run
>     Jaakko> after installation, which would run the database client in
>     Jaakko> interactive mode.  Some packages might want to prompt the
>     Jaakko> local admin for a decision.
> 
> mysql can be told to read the password from $HOME/.my.cnf, and in fact the
> Debian installation instructions specifically say to create a
> /root/.my.cnf file with the root password anyway, for the logrotation
> stuff to work.
> 
> Admittedly, storing the root password in a known location in a clear
> text file seems a crazy idea to me (surely it should be possible to
> rotate the log files without knowing this password?), but I am not the
> maintainer...


As root you can put your own mysql.* files into /var/lib/mysql
anyway, so this is no notable security hole.

Ciao
        Racke


-- 
Racke happily hacks Interchange and maintains Debian packages like Courier.

For projects and other business stuff please refer to COBOLT NetServices
(URL: http://www.cobolt.net; Email: info@cobolt.net; Phone: 0041-1-3884400)
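
Added example, not part of the original messages or of any Debian package: a shell sketch of the option-file approach discussed in this thread, with a check that the file is private and a check for MySQL client passwords left in a process's argv. The function names and all sample values are hypothetical; the [client] section, user=/password= keys and the -p/--password options are the standard MySQL client ones.

```shell
#!/bin/sh
# Added example. Function names and sample values are constructed.

# Write a [client] option file readable only by its owner.
# The password is read from stdin, so it never appears in any argv.
write_client_cnf() {
    cnf=$1
    user=$2
    IFS= read -r pw || [ -n "$pw" ] || return 1
    (
        umask 077                       # nothing we create is group/world readable
        tmp=$(mktemp "$cnf.XXXXXX") || exit 1
        printf '[client]\nuser=%s\npassword=%s\n' "$user" "$pw" > "$tmp" &&
            mv -f "$tmp" "$cnf"         # atomic replace, keeps the 0600 mode
    )
}

# Succeeds only for a regular file (not a symlink) with no group/other
# permission bits, i.e. mode 0600 or 0400.
cnf_is_private() {
    perm=$(ls -ld -- "$1" 2>/dev/null | cut -c1-10)
    case $perm in
        -r[w-]-------) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds if a command line (one line of `ps -eo args` output) is a MySQL
# client invocation carrying a password in argv: -pSECRET or --password=SECRET.
argv_exposes_password() {
    cmd=${1%% *}                        # first word of the command line
    case ${cmd##*/} in
        mysql*) ;;
        *) return 1 ;;
    esac
    printf '%s\n' "$1" |
        grep -Eq '(^|[[:space:]])(-p[^[:space:]]+|--password=[^[:space:]]+)'
}

# Intended use in a setup script (assumption, shown as comments only):
#   write_client_cnf /root/.my.cnf root < /path/to/prompted/input
#   cnf_is_private /root/.my.cnf && mysql -e 'SELECT 1'
```
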


