Bug #9966 mysqld_multi stop show clear password listing processes with ps
Submitted: 18 Apr 2005 7:31
Modified: 21 Jan 2006 9:07
Reporter: Francesco Dalla Ca'
Status: No Feedback
Category: MySQL Server: Command-line Clients
Severity: S2 (Serious)
Version: 4.1.11
OS: Linux (Linux)
Assigned to:
CPU Architecture: Any

[18 Apr 2005 7:31] Francesco Dalla Ca'
Description:
Usage of script mysqld_multi. (Security problem)

If a shutdown of the server takes a long time, the problem is that
a "ps aux | grep mysqladmin" shows the mysqld_multi user with the clear
password that executes the "mysqladmin shutdown".

How to repeat:
List the mysqladmin processes at the time of the shutdown of the MySQL server (immediately after the "mysqld_multi stop" command).
You can see the process that shows the user and clear password.

Suggested fix:
I have commented out these rows of the mysqld_multi script:

#> diff /usr/local/mysql/bin/mysqld_multi /usr/local/mysql/bin/mysqld_multi.original
376,377c376,377
<   #$tmp = " -u $opt_user";
<   #$tmp.= defined($opt_password) ? " -p$opt_password" : "";
---

>>   $tmp = " -u $opt_user";
>>   $tmp.= defined($opt_password) ? " -p$opt_password" : "";

#>
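
Review bot: commenting out both lines at 376-377 drops the " -u $opt_user" argument together with " -p$opt_password", so the user value no longer reaches the command line either, and nothing tells the operator that it is being ignored. Only the " -p$opt_password" concatenation on line 377 puts the secret into the argument list; consider keeping line 376 and removing just line 377, or printing a warning when $opt_password is defined, so that only the password has to come from the option file.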

Put the mysqld_multi user and password in the ~/.my.cnf
configuration file, in the [mysqld_multi] section, of the system user that
executes mysqld_multi.

[20 Dec 2005 15:59] Aleksey Kishkin
I think it's not a feature request but rather a bug report. The MySQL password certainly must not be seen in the process list.

[21 Dec 2005 9:07] Valeriy Kravchuk
Thank you for a problem report. mysqladmin is just one of the MySQL clients. The following manual page, http://dev.mysql.com/doc/refman/5.0/en/password-security.html, describes the way to solve the problem, I think:

"Store your password in an option file. For example, on Unix you can list your password in the [client] section of the .my.cnf file in your home directory:

[client]
password=your_pass

If you store your password in .my.cnf, the file should not be accessible to anyone but yourself. To ensure this, set the file access mode to 400 or 600. For example:

shell> chmod 600 .my.cnf"

So, please, do not provide a password for mysqld_multi at all, but use this option file. Please inform us about the results.

[22 Jan 2006 0:00] Bugs System
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
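
An added example, not part of the original report or of MySQL's code: a Python audit that flags MySQL client processes carrying -pVALUE or --password=VALUE in their argument list (the form the diff in the report shows mysqld_multi building) and checks that an option file has mode 400 or 600, as the quoted manual text advises. The client list, the sample argv vectors and all function names are assumptions made for this illustration.

```python
import os
import re
import stat

# MySQL client programs to audit (an assumed list for this example).
CLIENTS = {"mysql", "mysqladmin", "mysqldump"}
PASSWORD_ARG = re.compile(r"(-p|--password=).+", re.DOTALL)  # value attached

def inline_password_args(argv):
    """Indexes of argv entries that put a password value on the command line."""
    if not argv or os.path.basename(argv[0]) not in CLIENTS:
        return []
    return [i for i, arg in enumerate(argv) if i and PASSWORD_ARG.match(arg)]

def redact(argv):
    """Copy of argv with inline password values masked, safe to write to a log."""
    hits = inline_password_args(argv)
    return [PASSWORD_ARG.sub(r"\1***", a) if i in hits else a for i, a in enumerate(argv)]

def option_file_is_private(path):
    """True when the mode grants nothing to group or others (400 and 600 pass)."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077 == 0

def running_argvs(proc="/proc"):
    """Yield argv lists of live processes from /proc/<pid>/cmdline (Linux only)."""
    if not os.path.isdir(proc):
        return  # no procfs (not Linux): nothing to scan
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(os.path.join(proc, pid, "cmdline"), "rb") as fh:
                raw = fh.read()
        except OSError:
            continue  # process exited, or cmdline is not readable
        if raw:
            yield [a.decode(errors="replace") for a in raw.rstrip(b"\0").split(b"\0")]

# Constructed argv vectors (not captured output); user name and password are made up.
SAMPLE = [
    ["/usr/local/mysql/bin/mysqladmin", "-u", "multi_admin", "-pS3cret", "shutdown"],
    ["mysqladmin", "--defaults-file=/home/mysql/.my.cnf", "shutdown"],
    ["mysqladmin", "-P3307", "--password=S3cret", "shutdown"],
]

if __name__ == "__main__":
    for argv in SAMPLE + list(running_argvs()):
        if inline_password_args(argv):
            print("password on command line:", " ".join(redact(argv)))
    cnf = os.path.expanduser("~/.my.cnf")
    if os.path.exists(cnf) and not option_file_is_private(cnf):
        print(cnf, "is readable by group or others; chmod 600 it")
```

A bare `-p` (prompt for the password) and the port option `-P3307` are deliberately not flagged, since neither places the secret in the argument list.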