[CentOS] No MySQL password in ps aux!
Dotan Cohen
dotancohen at gmail.com
Tue Sep 13 09:36:28 UTC 2011
On Mon, Sep 12, 2011 at 23:25, Craig White <craig.white at ttiltd.com> wrote:
> create a proper .my.cnf file - problem solved
>
There are other users who have root access (yes, I know, bad idea but
it's not my box) who I don't want playing around in the mysql cli (I'm
being a bully here, I know, but they are PHP guys). They can access
MySQL via PHP and when something breaks it is in an environment that
they are professionally expected to be proficient in. Not to be a
jerk, but in any group of high-level-language programmers there is the
one who will experiment on a production webserver instead of
installing Linux on his machine at home. I started off as that guy!
Yes, I know that the PHP guys can get the password by looking in the
mysqlConnection.inc file that they typically include() so that
sensitive information is not in the root path. Total security is not
my goal, but rather reasonable obstacles to friendly, non-malicious
entities.
In other words, I want a pony. I want a single command to log in from
my own machine right to the mysql cli, but I don't want anyone else to
have simple access to that cli. Actually, I pretty much do have that
pony. I just wondered how ti worked.
Thanks!
--
Dotan Cohen
http://gibberish.co.il
http://what-is-what.com
More information about the CentOS
mailing list