[MDEV-4424] mysql_secure_installation treats backslashes in passwords as escape characters - Jira

XML

Word

Printable

Details

Type: Bug
Status: Open (View Workflow)
Priority: Minor
Resolution: Unresolved
Affects Version/s: 10.0.1, 5.5.30, 5.1.67, 5.2.14, 5.3.12
Fix Version/s: 5.5
Component/s: None
Labels:
- upstream-fixed
Environment:
Linux drag0nius.pl 3.8.7-1-ARCH #1 SMP PREEMPT Sat Apr 13 09:01:47 CEST 2013 x86_64 GNU/Linux

Description

Passwords in "mysql_secure_installation" script are read without "-r" modifier meaning that backlashes passed into it by user are treated as escape character instead of real backslash (what in my opinion is desired)

Example:
1. Pass 1\23 as new root password in mysql_secure_installation script
2. mysql -u root -p does not accept 1\23 password, but it accepts "123" instead,
3. mysql_secure_installation accepts both 1\23 and 123

Fix 1 (recommended):

/usr/bin/mysql_secure_installation:

line	current	replacement
245	`read password`	`read -r password`
265	`read password1`	`read -r password1`
268	`read password2`	`read -r password2`

Fix 2:

Another way would be informing user that backslash is treated as escape symbol and that you need to pass double backslash.

Attachments

Issue Links

links to

Bug #69044 - "mysql_secure_installation" password prompts are escaping backslashes

Activity

People

Assignee:: Unassigned

Reporter:: Krzysztof Nazarewski

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2013-04-23 18:00

Updated:: 2022-09-08 09:54

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.