mylvmbackup-discuss team mailing list archive

Thread
Date

Re: Password from environment patch

To: Yves Goergen <yves@xxxxxxxxxxxxxxx>
From: Lenz Grimmer <lenz@xxxxxxxxxxx>
Date: Wed, 08 Sep 2010 11:31:46 +0200
Cc: mylvmbackup-discuss@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4C874B7A.7020603@grimmer.com>
Openpgp: id=B27291F2
Sender: Lenz Grimmer <lenz.grimmer@xxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.11) Gecko/20100713 Lightning/1.0b1 Thunderbird/3.0.6

Hi,

(a quick followup on this...)

On 09/08/10 10:38, Lenz Grimmer wrote:

> Hmm, so you did not want to put the password in the command line, but you're
> willing to make it visible in the process environment?
> 
> By the way, the MySQL Client library (and consequently Perl/DBI) already
> supports this functionality. The environment variable is called "MYSQL_PWD" -
> have you tried it?

I just tested this, Perl DBI supports using MYSQL_PWD as well. So this would
be an option. I've added a note about this to the manual page.

> On Linux, you can just look at /proc/<id>/environ to find the password...

Or just "ps -auxe" - the "-e" Option makes it print the environment of the
process.

> So it's not really any more secure than passing the password on the command line.

Well, maybe a little bit - as only root or the owner of a process can see the
environment...

Bye,
	LenZ
-- 
  Lenz Grimmer <lenz@xxxxxxxxxxx> - http://www.lenzg.net/

Attachment: signature.asc
Description: OpenPGP digital signature

Follow ups

Re: Password from environment patch
From: Yves Goergen, 2010-09-08

References

Password from environment patch
From: Yves Goergen, 2010-09-02
Re: Password from environment patch
From: Lenz Grimmer, 2010-09-08