WebFaction
Community site: login faq

I want to use python Fabric to create an automated backup script that runs on my windows box and periodically backups up my database and zips the db backup along with my site files and then downloads them. I've got the basics of Fabric (awesome tool btw). However I'm trying to figure out the best way from exposing my password on ps when saving my mysql database. I'm following the example here:

Backing Up a Database Automatically

Trying to adapt that to fabric I believe I'd do something like:

run("MYSQL_PWD=password mysqldump -u database_name database_name > $HOME/db_backups/database_name-date +\%Y\%m\%d.sql 2>> $HOME/db_backups/cron.log")

I'm not sure if that will work as I've never seen the setting of a (I guess environment?) variable before a command. However won't that expose my mysql password to viewers of ps? And if so, what's the best way to hide it?

asked 13 Nov '11, 19:10

user
471419
accept rate: 0%


There should be no security issue, If you can outline one step by step so we can fix it, or would like us to look directly, you may submit a support ticket. The environment variable will be executed as your user, so only your user could view it. The ps utility will show us the path to the binary being ran, but not the complete command being ran as typed. So we would be able to see your user accessing mysqldump, but nothing else.

permanent link

answered 13 Nov '11, 19:51

johns
5.4k412
accept rate: 23%

P.S. - That is assuming you do not place the script in a web root path. You should keep your fabric scripts outside of the application web root paths, as this would make them publicly viewable.

(13 Nov '11, 19:53) johns

Ok thanks wasn't sure if ps would show complete command as typed.

(13 Nov '11, 20:27) user

Actually, this is mentioned as "extremely insecure" here: http://dev.mysql.com/doc/refman/5.5/en/password-security-user.html

permanent link

answered 09 Jan '13, 16:14

Klaas
111
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×45
×7
×6

question asked: 13 Nov '11, 19:10

question was seen: 7,212 times

last updated: 09 Jan '13, 16:14

                              
WEBFACTION
REACH US
SUPPORT
LEGAL
© COPYRIGHT 2003-2021 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM