Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-24965

With ALTER USER ...IDENTIFIED BY command, password doesn't replaced by asterisks in audit log

    XMLWordPrintable

Details

    Description

      With ALTER USER ...IDENTIFIED BY command, password doesn't replaced by asterisks in MariaDB audit log.

      MariaDB [(none)]> GRANT ALL ON test.* TO test1@'%' IDENTIFIED BY 'Test@123';
      Query OK, 0 rows affected (0.003 sec)
       
      MariaDB [(none)]> SET PASSWORD FOR test1@'%' = password('Test@123');
      Query OK, 0 rows affected (0.003 sec)
       
      MariaDB [(none)]> ALTER USER test1@'%' IDENTIFIED BY 'Test@123';
      Query OK, 0 rows affected (0.003 sec)
       
      20210219 08:43:31,localhost.localdomain,root,localhost,8,10,QUERY,,'GRANT ALL ON test.* TO test1@\'%\' IDENTIFIED BY *****',0
      20210219 08:44:35,localhost.localdomain,root,localhost,8,11,WRITE,mysql,global_priv,
      20210219 08:44:35,localhost.localdomain,root,localhost,8,11,QUERY,,'SET PASSWORD FOR test1@\'%\' = password(*****)',0
      20210219 08:45:04,localhost.localdomain,root,localhost,8,13,WRITE,mysql,global_priv,
      20210219 08:45:04,localhost.localdomain,root,localhost,8,13,QUERY,,'ALTER USER test1@\'%\' IDENTIFIED BY \'Test@123\'',0
      

      Attachments

        Activity

          People

            holyfoot Alexey Botchkov
            niljoshi Nilnandan Joshi
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.