Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-8825

mysql_upgrade leaks the admin password when it spawns a shell process to execute mysqlcheck

    XMLWordPrintable

    Details

      Description

      Running mysql_upgrade on a server with a large number of database might take a while. During this time, if any user on the system does a ps axf, the user will see the mysql admin password in plain text:

      ...
       7089 ?        S      0:00  |           \_ /opt/bin/mysql_upgrade -u root -pxxxxxxxx
       7224 ?        S      0:00  |               \_ sh -c '/opt/bin/mysqlcheck' '--no-defaults' '--user=root' '--password=GiuxphAI' '--user=root'  '--check-upgrade'
       7225 ?        S      0:00  |                   \_ /opt/bin/mysqlcheck --no-defaults --user=root --password=x xxxxxx --user=root --check-upgrade --auto-repair
      ...

      So, although the mysqlcheck command itself hides the password in the process listing, it leaks because myslq_upgrade shell out to execute the command. A possible fix (although I don't know anything about mariadb code) is to avoid shell-ing out and doing a fork+exec instead.

        Attachments

          Activity

            People

            Assignee:
            serg Sergei Golubchik
            Reporter:
            lonetwin lonetwin
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration