Mask or hide password in output
Bug #886069 reported by
BC
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Percona XtraBackup moved to https://jira.percona.com/projects/PXB |
New
|
Undecided
|
Unassigned |
Bug Description
[In:The innobackupex Script]
The script displays the password in clear text in the output. This shouldn't be the case and the password should be removed or masked. In any case it should never be displayed or output at any point.
e.g.
innobackupex: Starting mysql with options: --password=
should be
innobackupex: Starting mysql with options: --password=
Displaying clear text passwords in any sort of output or log is a security vulnerability and very rarely useful or wanted.
It's a duplicate of bug #729843. Fixed in the 1.7 tree. I've targeted that bug to 1.6 series as well.