that passing the password via the command line (arg 3) is insecure.
This responds to bug #990 (it doesn't fix it).
git-svn-id: https://bacula.svn.sourceforge.net/svnroot/bacula/branches/Branch-2.2@5779
91ce42f0-d328-0410-95d8-
f526ca767f89
# $2 is the user name with which to access the database
# (default = bacula).
# $3 is the password with which to access the database or "" if no password
-# (default "")
+# (default ""). WARNING!!! Passing the password via the command line is
+# insecure and should not be used since any user can display the command
+# line arguments and the environment using ps. Please consult your
+# MySQL or PostgreSQL manual for secure methods of specifying the
+# password.
# $4 is the host on which the database is located
# (default "")
#
else
MYSQLHOST=""
fi
- ${BINDIR}/mysqldump -u $2$MYSQLPASSWORD$MYSQLHOST -f --opt $1 >$1.sql
+ ${BINDIR}/mysqldump -u ${2}${MYSQLPASSWORD}${MYSQLHOST} -f --opt $1 >$1.sql
else
if test xpostgresql = x@DB_TYPE@ ; then
if test $# -gt 2; then
General:
22Oct07
+kes Add a security warning to src/cats/make_catalog_backup.in indicating
+ that passing the password via the command line (arg 3) is insecure.
+ This responds to bug #990 (it doesn't fix it).
kes Apply 2.2.5-postgresql-errors.patch
kes Remove unneeded File table index on JobId, which is already
present as the first index of another multi-index.
projects / bacula / bacula / commitdiff