From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050416 Fedora/1.0.3-1.3.1 Firefox/1.0.3 Description of problem: Mysqlhotcopy allows any user to view valid login names and password for a MySQL database Version-Release number of selected component (if applicable): mysql-3.23.58-16.FC3.1 How reproducible: Always Steps to Reproduce: 1. run mysqlhotcopy on a large database 2. on another terminal run "ps -ef" 3. view an unencrypted username and password for the database Actual Results: unencrypted username and password for the database are seen Expected Results: The username and passwords should be read from a file that is not world readable Additional info:
*** Bug 156077 has been marked as a duplicate of this bug. ***
Isn't this true only if you use the --password option, which the documentation specifically warns you to avoid for precisely this reason?
Fedora Core 3 is not maintained anymore. Setting status to "INSUFFICIENT_DATA". If you can reproduce this bug in the current Fedora release, please reopen this bug and assign it to the corresponding Fedora version.