Bug #49294 Password echo in export logs
Submitted: 1 Dec 2009 20:15 Modified: 15 Dec 2009 10:49
Reporter: Todd Farmer (OCA)
Status: Closed
Category: MySQL Workbench Severity: S2 (Serious)
Version: 5.2.10 r4680 OS: Windows (XP)
Assigned to: Alexander Musienko CPU Architecture: Any

[1 Dec 2009 20:15] Todd Farmer
Description:
It seems that the data export logging has been augmented in 5.2.10, such that it now includes the full mysqldump command issued - with options, including the user password:

12:04:07 Dumping test (csc41358 )

Running: mysqldump.exe --no-create-info=FALSE --order-by-primary=FALSE --force=FALSE --no-data=FALSE --tz-utc=TRUE --flush-privileges=FALSE --compress=FALSE --replace=FALSE --host=127.0.0.1 --insert-ignore=FALSE --extended-insert=TRUE --user=root --quote-names=TRUE --hex-blob=FALSE --complete-insert=TRUE --password=mypass --port=3310 --disable-keys=TRUE --delayed-insert=FALSE --delete-master-logs=FALSE --routines=FALSE --comments=TRUE --add-locks=TRUE --flush-logs=FALSE --dump-date=TRUE --allow-keywords=FALSE --create-options=TRUE --events=FALSE test csc41358 

How to repeat:
Export data.

Suggested fix:
Password should not be printed to any logs or back to the screen in plain-text.

[11 Dec 2009 12:37] Johannes Taxacher
Fixed in repository. Will be included in 5.2.11.

[15 Dec 2009 10:49] Tony Bedford
A 'security fix' entry has been written to the 5.2.11 changelog:

When using the Data Dump facility in the Admin screen, the full mysqldump command, including the password used, was written to the logs.
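
One way to keep a password out of a "Running: ..." log line like the one in this report, added here as an example and not taken from the Workbench source: redact the argument list before it is formatted for the log, and attach a logging filter as a safety net for call sites that forget. The names `redact_argv`, `scrub_line` and `PasswordScrubFilter` and the sample password are assumptions; masking shortened spellings such as `--pass=` is a conservative choice made for this example.

```python
import logging
import re

MASK = "********"
# --password=VALUE and shortened spellings (--pass=VALUE, ...) in an already formatted line.
LINE_RE = re.compile(r"(--pass(?:w(?:o(?:r(?:d)?)?)?)?=)\S+")

# Constructed sample, modelled on the command line quoted in the report.
SAMPLE_ARGV = ["mysqldump.exe", "--host=127.0.0.1", "--user=root",
               "--password=example-secret", "--port=3310", "test", "csc41358"]


def redact_argv(argv):
    """Return a copy of argv that is safe to log; run the tool with the original list."""
    safe = []
    for arg in argv:
        name, eq, _ = arg.partition("=")
        if eq and len(name) >= 6 and "--password".startswith(name):
            safe.append(name + "=" + MASK)   # --password=..., --pass=...
        elif arg.startswith("-p") and len(arg) > 2:
            safe.append("-p" + MASK)         # short form with attached value: -pVALUE
        else:
            safe.append(arg)
    return safe


def scrub_line(text):
    """Mask password options in a formatted line (the match stops at whitespace)."""
    return LINE_RE.sub(r"\1" + MASK, text)


class PasswordScrubFilter(logging.Filter):
    """Safety net for call sites that log a command line without redacting it."""

    def filter(self, record):
        record.msg = scrub_line(record.getMessage())
        record.args = None
        return True


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(message)s")
    log = logging.getLogger("export")
    log.addFilter(PasswordScrubFilter())
    log.info("Running: %s", " ".join(redact_argv(SAMPLE_ARGV)))  # redacted at the source
    log.info("Running: %s", " ".join(SAMPLE_ARGV))               # caught by the filter
```

Redacting the argument list is the reliable path, because each argument is handled whole; the line-based filter cannot see past the first space in a password and is only a backstop.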