Bug #78703 Securely accept password from command line
Submitted: 5 Oct 2015 11:52 Modified: 22 Dec 2015 7:27
Reporter: Sveta Smirnova (OCA) Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Utilities Severity:S4 (Feature request)
Version:1.6.2 OS:Any
Assigned to: CPU Architecture:Any

[5 Oct 2015 11:52] Sveta Smirnova
Description:
Currently, if one wants to specify connection parameters via command line she has to type plain-text password: mysqlserverinfo.py --server=root:other-pass@localhost:3308 --format=vertical

This is insecure and deprecated (http://dev.mysql.com/doc/mysql-utilities/1.6/en/mysql-utils-intro-connspec-command_line.ht...)

But mysql command line client, as well as Python programs can accept a password from command line, without echoing it. So why deprecate this option (very useful for Support engineers who connect to dozens of servers per day, new configuration each) and not implement accepting password without echoing it?

How to repeat:
See description.

Suggested fix:
https://docs.python.org/2/library/getpass.html
[22 Dec 2015 7:27] MySQL Verification Team
Hello Sveta,

Thank you for the feature request!

Thanks,
Umesh