Bug #39840 I suggest to add password features to ndb_mgm
Submitted: 3 Oct 2008 14:33 Modified: 4 Jan 2012 7:02
Reporter: ws lee Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Cluster: Cluster (NDB) storage engine Severity:S4 (Feature request)
Version:mysql-5.1 OS:Any
Assigned to: CPU Architecture:Any
Triage: Triaged: D5 (Feature request) / R6 (Needs Assessment) / E6 (Needs Assessment)

[3 Oct 2008 14:33] ws lee
Description:
ndb_mgm is extremely vulnerable in sercurity.
(any client, mysql cluster can shutdown)
This vulnerable sercurity can complement simply.

I suggest to add password features to ndb_mgm 
(when cluster shutdown and node stop, absolutely necessary)

# /usr/local/mysql/bin/ndb_mgm -c"192.192.192.192"
password:

# /usr/local/mysql/bin/ndb_mgm -c"192.192.192.192" -e "shutdown"
password:

How to repeat:
# /usr/local/mysql/bin/ndb_mgm -c"192.192.192.192"
ndb_mgm> shutdown

I don't understand why don't have password feature.
[3 Oct 2008 14:37] Bernd Ocklin
Hi Lee,

thanks for your feature request. It is a common request and thus has our attention already.
[3 Oct 2008 14:42] ws lee
To. Bernhard Ocklin 

Thanks for your fast reply.
When this passowd feature is to be added???
I have been waiting over 2years.
All mysql cluster user maybe was tired!

Password feature is most basic function in all manangement program.
[10 Feb 2009 7:51] ws lee
To. MySQL Ab

When include password function in ndb_mgm?

To avoid shutdown in remote server,
At least, in the case shutdown command, password function necessarily need.

ndb_mgm -c"192.10.10.1" -e "shutdown"
password:
[18 May 2009 13:17] Martin Skold
The ndb_mgm might be replaced with functionality that
support more secure access in the future. Currently
it is advisable to place ndb_mgm behind a firewall.
[4 Jan 2012 7:14] Kevin Benton
Putting ndb_mgm behind a firewall doesn't fix the base issue - that MySQL Cluster doesn't authenticate connectors except to say that an IP is trusted or not. That's just not good enough. Connections should be required to authenticate with a user/password combination at minimum.