{kb-symptom}
{{r1soft-mysql-util}} publishes the password for the MySQL backup user for all to see in the process list.
Steps to reproduce the issue:
1. Restore a MySQL database from the CDP Server.
2. Log in to the client where the database is being restored as an unprivileged user.
3. Run the following command on the shell (as an unprivileged user):
{code}ps axuf | grep r1soft-mysql-util{code}
Output:
{code} \_ /usr/sbin/r1soft/bin/r1soft-mysql-util --wait-ping --hostname localhost --port 3307 --user backup-user --pass Euk581***************** {code}
4. The unprivileged user now has the username and password for the MySQL backup user. It is now possible to log in to MySQL as "backup-user."
{kb-resolution}
The issue has been corrected in CDP 4.0.0.
{kb-related-articles}
{{r1soft-mysql-util}} publishes the password for the MySQL backup user for all to see in the process list.
Steps to reproduce the issue:
1. Restore a MySQL database from the CDP Server.
2. Log in to the client where the database is being restored as an unprivileged user.
3. Run the following command on the shell (as an unprivileged user):
{code}ps axuf | grep r1soft-mysql-util{code}
Output:
{code} \_ /usr/sbin/r1soft/bin/r1soft-mysql-util --wait-ping --hostname localhost --port 3307 --user backup-user --pass Euk581***************** {code}
4. The unprivileged user now has the username and password for the MySQL backup user. It is now possible to log in to MySQL as "backup-user."
{kb-resolution}
The issue has been corrected in CDP 4.0.0.
{kb-related-articles}