I sometimes do echo "secret" | mysql -u root -p ... . Now I'm concerned about security here: can someone listing all processes see the password?
To check I tried with echo "test" | sleep 1000 and the echo command with the secret was not visible in the output of "ps aux". So I assume it's secure - but can a security expert confirm it please? :)
The answer to this depends on which shell you are using. Many shells have echo as a builtin command, meaning that it does not spawn a separate process and hence will not show up in a process listing. However, if you type /bin/echo or ./echo, or if you disable the builtins with the enable -n echo command, then the shell will not use its builtin command and will use the binary version instead. This will show up in a process listing.
If you are using the binary rather than the shell builtin, the echo command will show up for as long as it takes to move the data into the other process's STDIN buffer. This buffer has a finite size, so if there is more data than will fit in the buffer, the echo command will have to hang around for a while until the other process can read some of the data out of the buffer. For most cases (such as the two examples you gave above) this time period will be microseconds. If you happen to be pasting a 20MB SQL dump into MySQL using echo, this could be longer. No matter how short the time is, if you are using the binary instead of the shell builtin and someone happens to get the timing just right, they will be able to see the process in the process list.
You can avoid this by putting the secret data into a file (with appropriate permissions) and using the file as STDIN like this:
For the mysql case, ~/.my.cnf can be used to store secrets, i.e.
Just use
and hit enter. You will then be prompted for the password and it will not be visible in either the process list or the history files.
Passing passwords via command-line arguments is never recommended; try at least stdin or a fifo, such as:
This way the $password will not be exposed to history or ps aux.
If by "secure" you mean "not visible in the output of ps", then yes, it is secure. But don't forget that other processes that share the UID with the running mysql client (or those running with root privileges, obviously) can access its STDIN. To use your echo/sleep example:
The above is Linux specific, and relies on procfs.
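The following script is an added example, not code from the question or from any of the answers above. It assumes Linux with procfs mounted (the same assumption the last answer makes), and the child labels argv-demo and stdin-demo and the marker values are constructed for the demo. It makes the first and last answers concrete: a stand-in child process is started once with a secret on its command line (what a mysql -psecret invocation would do) and once with the secret written to its STDIN by the shell's builtin echo (the pattern in the question), and each time every /proc/<pid>/cmdline, the data that ps aux prints, is scanned for the secret.

```shell
#!/bin/sh
# Added example; not code from the original question or any of the answers.
# Assumes Linux with procfs mounted: it reads /proc/<pid>/cmdline, the same
# data "ps aux" prints, to show which way of handing a secret to a child
# process lets any other process of the same user read it from the argv.

# Loop that keeps a stand-in child (playing the part of mysql) alive for
# about 3 seconds so the scan has a window to observe it.
CHILD_LOOP='i=0; while [ "$i" -lt 3 ]; do sleep 1; i=$((i+1)); done'

# Print "visible" if MARKER appears on the command line of any process
# other than this shell, "hidden" otherwise.
scan_cmdlines() {
    marker=$1
    found=hidden
    for f in /proc/[0-9]*/cmdline; do
        [ "$f" = "/proc/$$/cmdline" ] && continue
        # cmdline is NUL-separated; join the arguments with spaces.
        # A shell pattern match is used instead of grep so the marker never
        # lands on a grep command line while we scan.
        line=$(tr '\0' ' ' < "$f" 2>/dev/null || true)
        case "$line" in
            *"$marker"*) found=visible; break ;;
        esac
    done
    echo "$found"
}

# Scan while the background child with pid $1 is alive, then clean it up.
scan_then_reap() {
    child=$1
    marker=$2
    sleep 1                                   # let the child start
    result=$(scan_cmdlines "$marker")
    kill "$child" 2>/dev/null || true
    wait "$child" 2>/dev/null || true
    echo "$result"
}

# Case A: the secret is passed as a command-line argument, the pattern
# "mysql -psecret" would produce. Expected result: visible.
argv_visibility() {
    sh -c "$CHILD_LOOP" argv-demo "$1" >/dev/null 2>&1 &
    scan_then_reap $! "$1"
}

# Case B: the secret is written to the child's STDIN by the shell's builtin
# echo, as in the question. No process carries it in its arguments, so the
# pipe buffer is the only place it lives. Expected result: hidden.
stdin_visibility() {
    echo "$1" | sh -c "$CHILD_LOOP" stdin-demo >/dev/null 2>&1 &
    scan_then_reap $! "$1"
}

if [ -r /proc/self/cmdline ]; then
    secret="example-secret-$$"               # constructed sample value
    echo "secret in argv:  $(argv_visibility "$secret")"
    echo "secret on stdin: $(stdin_visibility "$secret")"
else
    echo "procfs not available; this demo needs Linux" >&2
fi
```

Run it with sh on a Linux machine: the first line prints visible and the second hidden. Note what the check does and does not cover. It only inspects argv, so it confirms the point of the first answer (builtin echo leaves nothing for ps to show) but not the caveat of the last one: the bytes sitting in the pipe are still reachable through procfs by any process running under the same UID, so piping hides the secret from the process list, not from a peer process of the same user. Reading the secret from a mode 0600 file or from ~/.my.cnf, as the other answers suggest, keeps it off the command line in exactly the same way.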