Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-24965

With ALTER USER ...IDENTIFIED BY command, password doesn't replaced by asterisks in audit log

    XMLWordPrintable

    Details

      Description

      With ALTER USER ...IDENTIFIED BY command, password doesn't replaced by asterisks in MariaDB audit log.

      MariaDB [(none)]> GRANT ALL ON test.* TO test1@'%' IDENTIFIED BY 'Test@123';
      Query OK, 0 rows affected (0.003 sec)
       
      MariaDB [(none)]> SET PASSWORD FOR test1@'%' = password('Test@123');
      Query OK, 0 rows affected (0.003 sec)
       
      MariaDB [(none)]> ALTER USER test1@'%' IDENTIFIED BY 'Test@123';
      Query OK, 0 rows affected (0.003 sec)
       
      20210219 08:43:31,localhost.localdomain,root,localhost,8,10,QUERY,,'GRANT ALL ON test.* TO test1@\'%\' IDENTIFIED BY *****',0
      20210219 08:44:35,localhost.localdomain,root,localhost,8,11,WRITE,mysql,global_priv,
      20210219 08:44:35,localhost.localdomain,root,localhost,8,11,QUERY,,'SET PASSWORD FOR test1@\'%\' = password(*****)',0
      20210219 08:45:04,localhost.localdomain,root,localhost,8,13,WRITE,mysql,global_priv,
      20210219 08:45:04,localhost.localdomain,root,localhost,8,13,QUERY,,'ALTER USER test1@\'%\' IDENTIFIED BY \'Test@123\'',0
      

        Attachments

          Activity

            People

            Assignee:
            holyfoot Alexey Botchkov
            Reporter:
            niljoshi Nilnandan Joshi
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration