Warning: Using a password on the command line interface can be insecure. #3
Assignees
Labels
Comments
|
I'll take a look at this. I think there might be an option to silent those warnings. |
|
Or maybe not silent the warnings, but actually pass the password securely... |
|
@linedotpaul let me know if the new update is good enough. |
|
@lysender looks good to me :). One thing to add - I think it's worth adding a warning to the README that warns people to set the permissions to 6-0-0 or equivalent for the my.cnf file if they decide to use it |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If you removed the code at the end of the cron script to suppress e-mail warnings to the admin you get sent an email with an error/warning:
'Warning: Using a password on the command line interface can be insecure.'
To combat this I have created a fork where the database username and password are instead stored in a file (.sqlcnf) which is accessed in the mysqldump command via '--defaults-extra-file'.
I am concerned that this is not necessarily the best solution because it requires the person installing to remember to restrict the permissions on the .sqlcnf file stated in the README in order to prevent it being a security issue in itself.
The text was updated successfully, but these errors were encountered: