-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 1.3.0
-
Fix Version/s: None
-
Component/s: Enforcer
-
Labels:None
A surprise, and possibly a security concern:
When trying to setup a KASP database in MySQL with a difficult password, I ran into the problem that it contained a shell-special character. I received an attempted mysql cmdline, including a -p with the password. The shell had gotten confused over it.
This is an unwise constraint on the possible passwords -- and it makes them being interpreted, shown in process listings, and so on. A much better solution is to provide the password on the input stream. A workaround for some of the problems would be to quote the password. I just picked another password, but felt estanged enough to report this as a point of attention on OpenDNSSEC security.
-Rick