[Opendnssec-develop] [OpenDNSSEC] #259: KSM interprets passwords
OpenDNSSEC
owner-dnssec-trac at kirei.se
Mon Aug 8 13:34:44 UTC 2011
#259: KSM interprets passwords
--------------------+-------------------------------------------------------
Reporter: vanrein | Owner: sion
Type: defect | Status: new
Priority: minor | Component: Enforcer
Version: 1.3.0 | Keywords:
--------------------+-------------------------------------------------------
A surprise, and possibly a security concern:
When trying to setup a KASP database in MySQL with a difficult password, I
ran into the problem that it contained a shell-special character. I
received an attempted mysql cmdline, including a -p with the password.
The shell had gotten confused over it.
This is an unwise constraint on the possible passwords -- and it makes
them being interpreted, shown in process listings, and so on. A much
better solution is to provide the password on the input stream. A
workaround for some of the problems would be to quote the password. I
just picked another password, but felt estanged enough to report this as a
point of attention on OpenDNSSEC security.
-Rick
--
Ticket URL: <http://trac.opendnssec.org/ticket/259>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC
More information about the Opendnssec-develop
mailing list