| Bug #53429 | undocumented default password in admin plugin | ||
|---|---|---|---|
| Submitted: | 5 May 2010 9:45 | Modified: | 7 Dec 2010 11:07 |
| Reporter: | Jan Kneschke | Email Updates: | |
| Status: | QA testing | Impact on me: | |
| Category: | MySQL Proxy: Core | Severity: | S3 (Non-critical) |
| Version: | 0.8.0 | OS: | Any |
| Assigned to: | Jan Kneschke | CPU Architecture: | Any |
[5 May 2010 9:57]
Enterprise Tools JIRA Robot
Jan Kneschke writes: revno: 1067 committer: jan@mysql.com branch nick: trunk timestamp: Wed 2010-05-05 11:53:22 +0200 message: remove default values for --admin-username and --admin-password and force the user to provide values for it (fixes #53429)
Description: The admin plugin has a undocumented default-value for --admin-password (see #53014). How to repeat: ... if (!config->admin_username) config->admin_username = g_strdup("root"); if (!config->admin_password) config->admin_password = g_strdup("secret"); Suggested fix: remove the default value and force the user to provide a setting if the admin plugin is loaded.