that passing the password via the command line (arg 3) is insecure.
This responds to bug #990 (it doesn't fix it).
git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/trunk@5780
91ce42f0-d328-0410-95d8-
f526ca767f89
# $2 is the user name with which to access the database
# (default = bacula).
# $3 is the password with which to access the database or "" if no password
-# (default "")
+# (default ""). WARNING!!! Passing the password via the command line is
+# insecure and should not be used since any user can display the command
+# line arguments and the environment using ps. Please consult your
+# MySQL or PostgreSQL manual for secure methods of specifying the
+# password.
# $4 is the host on which the database is located
# (default "")
#
else
MYSQLHOST=""
fi
- ${BINDIR}/mysqldump -u $2$MYSQLPASSWORD$MYSQLHOST -f --opt $1 >$1.sql
+ ${BINDIR}/mysqldump -u ${2}${MYSQLPASSWORD}${MYSQLHOST} -f --opt $1 >$1.sql
else
if test xpostgresql = x@DB_TYPE@ ; then
if test $# -gt 2; then
Technical notes on version 2.3
General:
+22Oct07
+kes Add a security warning to src/cats/make_catalog_backup.in indicating
+ that passing the password via the command line (arg 3) is insecure.
+ This responds to bug #990 (it doesn't fix it).
19Oct07
kes Set default debug_level to zero. This corrects bugs #991 and #993.
kes Fix a crash in bat when it cannot connect to the Director for example
projects / bacula / bacula / commitdiff