mysql_upgrade leaks the admin password when it spawns a shell process to execute mysqlcheck

Description

Running mysql_upgrade on a server with a large number of databases might take a while. During this time, if any user on the system does a ps axf, the user will see the mysql admin password in plain text:

So, although the mysqlcheck command itself hides the password in the process listing, it leaks because mysql_upgrade shells out to execute the command. A possible fix (although I don't know anything about MariaDB code) is to avoid shelling out and do a fork+exec instead.

Environment

mysql Ver 15.1 Distrib 10.0.19-MariaDB, for Linux (x86_64) using readline 5.1

Assignee

Sergei Golubchik

Reporter

Steven Fernandez

Labels

Components

Fix versions

Affects versions

Priority

Major
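An added audit check, not part of the original report or of MariaDB's code: it scans a raw `/proc/<pid>/cmdline` image and distinguishes a password that is still readable inside a shell wrapper's `-c` string from one the client has already blanked in its own arguments. The function names, the sample buffers and the assumption that a blanked value appears as a run of `x` characters are constructed for this example, and only the long `--password=` form is handled.

```c
#include <stdio.h>
#include <string.h>

/* 1 if the text after "--password=" is a real value; 0 if it is empty or only
   'x' filler (assumption: that is how a client blanks its own argv copy). */
static int value_exposed(const char *v)
{
    size_t n = strcspn(v, " \t\n'\"");   /* value ends at NUL, space or quote */
    return n > 0 && strspn(v, "x") < n;
}

/* Scan one raw /proc/<pid>/cmdline image: NUL-separated arguments, and
   buf[len] must be '\0'. Only the long option form is checked.
   Returns 0 = nothing exposed, 1 = exposed as an argument of its own,
   2 = exposed inside a longer argument, e.g. the string handed to sh -c. */
int cmdline_password_exposure(const char *buf, size_t len)
{
    static const char opt[] = "--password=";
    int worst = 0;
    for (size_t off = 0; off < len; off += strlen(buf + off) + 1) {
        const char *arg = buf + off;
        for (const char *p = strstr(arg, opt); p; p = strstr(p + 1, opt)) {
            if (!value_exposed(p + sizeof opt - 1))
                continue;                 /* blanked or empty value */
            int kind = (p == arg) ? 1 : 2;
            if (kind > worst)
                worst = kind;
        }
    }
    return worst;
}

/* Constructed samples, not captured from a real host. */
static const char SHELL_WRAPPER[] =
    "sh\0-c\0mysqlcheck --password=CONSTRUCTED-SECRET --all-databases";
static const char SCRUBBED_CHILD[] =
    "mysqlcheck\0--password=x\0xxxxxxx\0--all-databases";
static const char UNSCRUBBED_CHILD[] =
    "mysqlcheck\0--password=CONSTRUCTED-SECRET\0--all-databases";

int main(void)
{
    printf("sh -c wrapper:    %d\n", cmdline_password_exposure(SHELL_WRAPPER, sizeof SHELL_WRAPPER - 1));
    printf("scrubbed child:   %d\n", cmdline_password_exposure(SCRUBBED_CHILD, sizeof SCRUBBED_CHILD - 1));
    printf("unscrubbed child: %d\n", cmdline_password_exposure(UNSCRUBBED_CHILD, sizeof UNSCRUBBED_CHILD - 1));
    return 0;
}
```

A password that itself consists only of `x` characters is reported as blanked, so treat a result of 0 as "nothing visible", not as proof that no secret was passed.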