MySQL5.6 Using a password on the command line interface can be insecure

SQL/NoSQL 2014-03-18 MySQL5.6,mysqldump

最近把MySQL从5.5升到5.6以后,mysqldump居然不好用了,提示:

[root@qttc ~]# /usr/local/mysql/bin/mysqldump  -uroot -proot db > bak.sql
Warning: Using a password on the command line interface can be insecure.

翻译过来是:在命令行界面上使用密码可以是不安全的

这让人有点郁闷,5.5用的一直都很爽,到5.6居然说命令行方式写密码不安全?那密码写哪呢?

在官网文档找到了缘由,大家可以点击这里看看:http://dev.mysql.com/doc/refman/5.1/en/password-security-user.html

MySQL users should use the following guidelines to keep passwords secure.

When you run a client program to connect to the MySQL server, it is inadvisable to specify your password in a way that exposes it to discovery by other users. The methods you can use to specify your password when you run client programs are listed here, along with an assessment of the risks of each method. In short, the safest methods are to have the client program prompt for the password or to specify the password in a properly protected option file.

英文有点烂,但大概读懂意思,翻译过来大意是在命令行下如果要使用密码可以在执行命令后的提示输入里输入密码,或者在指定的安全文件内指定密码。那安全文件时哪个呢?文档对此给出了答案:

 Store your password in an option file. For example, on Unix, you can list your password in the [client] section of the .my.cnf file in your home directory:

可以在my.cnf内指定,于是打开我的my.cnf,在[mysqldump]下增加:

user=root
password=root

文中说的在[client]下面加也可以,但那样就所有块的操作都能共享了,所以生产环境上为了安全还是尽量分开。保存退出再dump就ok了。

[root@qttc ~]# /usr/local/mysql/bin/mysqldump db > bak.sql
[root@qttc ~]#

(END)

文字链接:《MySQL5.6 Using a password on the command line interface can be insecure

文章地址:http://www.qttc.net/201403423.html

除非标注,琼台博客所有博文均为原创,转载请加文字链接注明来源

乳名?小名?昵称?网名?均可

email,放心,我不会给你乱投广告的

想获得回访就把你的站点URL写上(没有留空)

[NOTICE]木要投放广告
[NOTICE]木要骂人,说不该说的话
[NOTICE]自由言论,但要遵纪守法

Comments 0

    Hi,你想第一个做沙发么?