Hot For Coding
MySQL5.6 Using a password on the command line interface can be insecure

最近把MySQL从5.5升到5.6以后,mysqldump居然不好用了,提示

[root@qttc ~]# /usr/local/mysql/bin/mysqldump  -uroot -proot db > bak.sql
Warning: Using a password on the command line interface can be insecure.

这让人有点奇怪,5.5用的一直都很爽,到5.6居然说命令行方式写密码不安全?那密码写哪呢?

在官网文档找到了原因

MySQL users should use the following guidelines to keep passwords secure.
When you run a client program to connect to the MySQL server, it is inadvisable to specify your password in a way that exposes it to discovery by other users. The methods you can use to specify your password when you run client programs are listed here, along with an assessment of the risks of each method. In short, the safest methods are to have the client program prompt for the password or to specify the password in a properly protected option file.

翻译过来大意是在命令行下如果要使用密码可以在执行命令后的提示输入里输入密码,或者在指定的安全文件内指定密码。那安全文件时哪个呢?文档对此给出了答案

Store your password in an option file. For example, on Unix, you can list your password in the [client] section of the .my.cnf file in your home directory

可以在my.cnf内指定,于是打开我的my.cnf,在[mysqldump]下增加

user=root
password=root

文中说的在[client]下面加也可以,但那样就所有块的操作都能共享了,所以生产环境上为了安全还是尽量分开。保存退出再dump就ok了。

[root@qttc ~]# /usr/local/mysql/bin/mysqldump db > bak.sql
[root@qttc ~]#

TITLE: MySQL5.6 Using a password on the command line interface can be insecure

LINK: https://www.qttc.net/423_mysql_using_a_password_on_the_command_line_interface_can_be_insecure.html

NOTE: 转载内容请注明出处