(mysql.info.gz) Password security

 5.6.6 Keeping Your Password Secure
 ----------------------------------
 
 On an administrative level, you should never grant access to the
 `mysql.user' table to any non-administrative accounts. Passwords in the
 `user' table are stored in encrypted form, but in versions of MySQL
 earlier than 4.1, knowing the encrypted password for an account makes it
 possible to connect to the server using that account.
 
 When you run a client program to connect to the MySQL server, it is
 inadvisable to specify your password in a way that exposes it to
 discovery by other users.  The methods you can use to specify your
 password when you run client programs are listed here, along with an
 assessment of the risks of each method:
 
    * Use a `-pYOUR_PASS' or `--password=YOUR_PASS' option on the command
      line.  For example:
 
           shell> mysql -u francis -pfrank DB_NAME
 
      This is convenient but insecure, because your password becomes
      visible to system status programs such as `ps' that may be invoked
      by other users to display command lines.  MySQL clients typically
      overwrite the command-line password argument with zeros during
      their initialization sequence, but there is still a brief interval
      during which the value is visible.
 
    * Use a `-p' or `--password' option with no password value
      specified.  In this case, the client program solicits the password
      from the terminal:
 
           shell> mysql -u francis -p DB_NAME
           Enter password: ********
 
      The `*' characters indicate where you enter your password. The
      password is not displayed as you enter it.
 
      It is more secure to enter your password this way than to specify
      it on the command line because it is not visible to other users.
      However, this method of entering a password is suitable only for
      programs that you run interactively.  If you want to invoke a
      client from a script that runs non-interactively, there is no
      opportunity to enter the password from the terminal. On some
      systems, you may even find that the first line of your script is
      read and interpreted (incorrectly) as your password!
 
    * Store your password in an option file.  For example, on Unix you
      can list your password in the `[client]' section of the `.my.cnf'
      file in your home directory:
 
           [client]
           password=your_pass
 
      If you store your password in `.my.cnf', the file should not be
      accessible to anyone but yourself. To ensure this, set the file
      access mode to `400' or `600'. For example:
 
           shell> chmod 600 .my.cnf
 
      The `Option files' section discusses option files in more detail.
 
    * Store your password in the `MYSQL_PWD' environment variable.  This
      method of specifying your MySQL password must be considered
      extremely insecure and should not be used.  Some versions of `ps'
      include an option to display the environment of running processes.
      If you set `MYSQL_PWD', your password will be exposed to any other
      user who runs `ps'.  Even on systems without such a version of
      `ps', it is unwise to assume that there are no other methods by
      which users can examine process environments.  See also the
      `Environment variables' section.
 
 
 All in all, the safest methods are to have the client program prompt
 for the password or to specify the password in a properly protected
 option file.
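The following POSIX shell script is an added example and is not part of the MySQL manual. It turns the advice above into two audit checks: one that confirms an option file such as `.my.cnf' has mode 400 or 600 (readable only by its owner), and one that confirms `MYSQL_PWD' is not set in the current environment. The function names, the temporary directory and the sample password value are constructed for the example; the script assumes a POSIX shell with `ls', `cut', `mktemp' and `chmod'.

```shell
#!/bin/sh
# Added example, not from the MySQL manual. All function names below are
# hypothetical helpers written for this illustration.

# Return 0 when FILE is readable only by its owner (mode 400 or 600, as the
# manual recommends for .my.cnf), 1 when the owner has extra bits or when
# group/other users have any access, and 2 when the file does not exist.
check_option_file_mode() {
  file="$1"
  [ -f "$file" ] || return 2
  # ls -ld prints e.g. "-rw-------"; characters 2-10 are the nine mode bits.
  perms=$(ls -ld "$file" | cut -c2-10)
  owner=$(printf '%s' "$perms" | cut -c1-3)
  rest=$(printf '%s' "$perms" | cut -c4-9)
  case "$owner" in
    r--|rw-) ;;        # 400 or 600: acceptable
    *) return 1 ;;     # e.g. 700 or 640: not one of the recommended modes
  esac
  # Group and other bits must all be cleared.
  [ "$rest" = "------" ] || return 1
  return 0
}

# Return 0 when MYSQL_PWD is unset or empty, 1 when it carries a value that
# other users might read from the process environment (e.g. via ps).
check_mysql_pwd_unset() {
  [ -z "${MYSQL_PWD:-}" ]
}

# Create a constructed sample option file, protect it, and report both states.
demo() {
  dir=$(mktemp -d)
  cnf="$dir/.my.cnf"
  # Constructed sample content; the password value is a placeholder only.
  printf '[client]\npassword=sample_placeholder_not_a_secret\n' > "$cnf"

  chmod 644 "$cnf"   # deliberately too permissive, to show the failing case
  if check_option_file_mode "$cnf"; then
    echo "unexpected: $cnf passed with mode 644"
  else
    echo "before hardening: $cnf is readable by other users"
  fi

  chmod 600 "$cnf"   # the manual's recommended fix
  if check_option_file_mode "$cnf"; then
    echo "after chmod 600: $cnf is readable only by its owner"
  fi

  if check_mysql_pwd_unset; then
    echo "MYSQL_PWD is not set in this environment"
  else
    echo "warning: MYSQL_PWD is set; unset it and use an option file instead"
  fi

  rm -rf "$dir"
}
```

Run `demo` from a shell that has sourced the script to see both the failing and the hardened state; in a real audit, call `check_option_file_mode "$HOME/.my.cnf"` directly. The mode check parses `ls -ld' output rather than `stat', because `stat' takes different flags on GNU and BSD systems while the nine-character permission string is the same everywhere.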
 