[MDEV-10564] Galera `wsrep_debug` patch logs MySQL user credentials Created: 2016-08-15 Updated: 2021-05-13 Resolved: 2018-07-25 |
|
| Status: | Closed |
| Project: | MariaDB Server |
| Component/s: | Galera |
| Affects Version/s: | 10.1 |
| Fix Version/s: | 10.1.35, 10.2.17, 10.3.9, 10.0.36-galera |
| Type: | Bug | Priority: | Major |
| Reporter: | Chris Calender (Inactive) | Assignee: | Jan Lindström (Inactive) |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Sprint: | 10.1.24 |
| Description |
|
The recent 'wsrep_debug' patch supplied by Codership (to help diagnose replication issues) is logging various GRANT, UPDATE, DELETE, etc. statements. This is expected. However, what is not expected is that in the GRANT statements, the IDENTIFIED BY '**************' is coming through clear text. This is a problem when customers enable Syslog, and these statements are now shipped off-VM into uncontrolled territory. Is it possible to update the patch to mask out that string before logging? Also, can this please be added to 10.0 series? |