Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gbak should change param0 to not show username/password in ps axf [CORE867] #1258

Closed
firebird-automations opened this issue Jul 23, 2006 · 8 comments

Comments

@firebird-automations
Copy link
Collaborator

Submitted by: @cincuranet

Jira_subtask_outward CORE868

When you run gbak, other users can see your (or SYSDBA's) password during backup. Changing the param 0 only to i.e. gbak will solve this problem (some security kernel patches, i think aren't the best way).

Commits: 8274d32

@firebird-automations
Copy link
Collaborator Author

Commented by: dbi (dbi)

Please note that wiping command line parameters only makes it harder to discover the password. The long-term/secure solution is to prompt for passwords or read them from file. This would involve adding command-line switches, though.

And, this is not gbak-specific. All command-line utilities which support -password parameter are vulnerable.

@firebird-automations
Copy link
Collaborator Author

Commented by: @cincuranet

Yes, I know, but this makes a little bit harder to see password.
I've created subtask for nreading password from file/input.

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-automations
Copy link
Collaborator Author

Commented by: @AlexPeshkoff

All firebird utilities replace argv[PASSWORD] with *

@firebird-automations
Copy link
Collaborator Author

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 2.1 Beta 1 [ 10141 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pcisar

Workflow: jira [ 11089 ] => Firebird [ 14632 ]

@firebird-automations
Copy link
Collaborator Author

Modified by: @pavel-zotov

QA Status: No test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment