[MXS-729] MaxAdmin security modification. Created: 2016-05-17  Updated: 2016-08-11  Resolved: 2016-05-20

Status: Closed
Project: MariaDB MaxScale
Component/s: maxadmin
Affects Version/s: None
Fix Version/s: 2.0.0

Type: Task
Priority: Major
Reporter: Johan Wikman
Assignee: Massimiliano Pinto (Inactive)
Resolution: Fixed
Votes: 0
Labels: None

Sprint: 2016-10

 Description   
  • Access only from same host.
  • Initially root can access.
  • Root can add and remove user-ids.
  • Thereafter possible to use maxadmin as other than root.


 Comments   
Comment by Massimiliano Pinto (Inactive) [ 2016-05-18 ]

"root" authentication succeeds if there are no users

[root@1111]# /home/mpinto/packages/MXS-729/usr/bin/maxadmin -S /tmp/maxadmin.sock
MaxScale>

[root@ks211278 build]# su - maxscaletest
[maxscaletest@1111~]$ /home/mpinto/packages/MXS-729/usr/bin/maxadmin -S /tmp/maxadmin.sock
Failed to connect to MaxScale. Incorrect username or password.

After adding user "mpinto"

-bash-4.1$ /home/mpinto/packages/MXS-729/usr/bin/maxadmin -S /tmp/maxadmin.sock
MaxScale>

"root" user is no longer available:

[root@ks211278 build]# /home/mpinto/packages/MXS-729/usr/bin/maxadmin -S /tmp/maxadmin.sock
Failed to connect to MaxScale. Incorrect username or password.
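
The access rule shown in the transcript above, as an added sketch that is not MaxScale's code and not part of the original comment. It assumes the server identifies the caller from the kernel's peer credentials on the UNIX socket (SO_PEERCRED, Linux only), which the ticket does not state; all function names are hypothetical.

```python
import os
import pwd
import socket
import struct

# Linux "struct ucred" as returned by SO_PEERCRED: pid_t pid, uid_t uid, gid_t gid.
_UCRED = struct.Struct("iII")


def peer_uid(conn):
    """Return the uid the kernel recorded for the process at the other end."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, _UCRED.size)
    _pid, uid, _gid = _UCRED.unpack(raw)
    return uid


def account_allowed(name, enabled):
    """Rule from the transcript: with no enabled accounts only root gets in;
    once any account is enabled, only enabled accounts do (root included)."""
    if not enabled:
        return name == "root"
    return name in enabled


def authorize(conn, enabled):
    """Decide on a connected UNIX-socket client; any lookup failure denies."""
    if conn.family != socket.AF_UNIX:
        return False  # "access only from same host": no TCP path
    try:
        name = pwd.getpwuid(peer_uid(conn)).pw_name
    except (OSError, KeyError, struct.error):
        return False  # unknown uid or unreadable credentials: fail closed
    return account_allowed(name, enabled)


if __name__ == "__main__":
    # Constructed stand-in for the admin socket: a connected AF_UNIX pair.
    server, client = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    with server, client:
        print("peer uid:", peer_uid(server), "own uid:", os.getuid())
        print("no accounts enabled ->", authorize(server, set()))
        print("only 'mpinto' enabled ->", authorize(server, {"mpinto"}))
```

Because the identity comes from the kernel rather than from anything the client sends, the client cannot claim to be another account; the enabled-accounts list is the only state the server has to protect.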

Comment by Massimiliano Pinto (Inactive) [ 2016-05-20 ]

Task is done in MXS-729 branch
