/etc/mysql/debian-start exposes debian-sys-maint users password to any users on the box via ps(1)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| mysql-5.1 (Ubuntu) |
Invalid
|
Medium
|
Unassigned | ||
Bug Description
After upgrading a box to Ubuntu 10.04 and rebooting it, I noticed (as
an unprivileged user) the following output in 'ps auxfwww':
root 1161 0.0 0.0 17676 760 ? S 12:40 0:00 /bin/bash /etc/mysql/
root 1163 0.0 0.0 19540 1260 ? S 12:40 0:00 \_ /usr/bin/
root 1174 0.0 0.0 4096 576 ? S 12:40 0:00 | \_ sh -c '/usr/bin/
root 1175 0.0 0.0 27316 2036 ? S 12:40 0:00 | \_ /usr/bin/mysqlcheck --no-defaults --port=3306 --socket=
root 1164 0.0 0.0 6156 700 ? S 12:40 0:00 \_ egrep -v ^(1|@had|ERROR (1054|1060|1061))
root 1165 0.0 0.0 4000 652 ? S 12:40 0:00 \_ logger -p daemon.warn -i -t/etc/
And I confirmed that the exposed password is in fact the
debian-sys-maint password for this box.
(Also, it was quite some time after the box had booted, the exposure
window is not short if you have a non-trivial database.)
| visibility: | private → public |
| Changed in mysql-5.1 (Ubuntu): | |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| Gabriel Ramirez (gabriel1109) wrote | #1 |
| Changed in mysql-5.1 (Ubuntu): | |
| status: | Confirmed → Invalid |
Hello, we apologize for the delayed response but as we are no longer able to reproduce this on a later version of Ubuntu, we are going to close this out. Thank you!