author | Michael Koziarski <michael@koziarski.com> | 2008-05-31 14:58:34 -0700 |
---|---|---|
committer | Michael Koziarski <michael@koziarski.com> | 2008-05-31 15:30:26 -0700 |
commit | 0abf0da0016abc455145810d7060a10e0b56b0b6 (patch) | |
tree | c8140c6799c2917ad167ea967a2e2ae086951889 | |
parent | 4e4bcb4c6b08ed392cd5576dcfc252ef574a1b88 (diff) | |
Don't provide the password with dbconsole unless explicitly opted in.
Some operating system configurations allow other users to view your process list
or environmental variables. This option should not be used on shared hosts.
http://dev.mysql.com/doc/refman/5.0/en/password-security.html
http://www.postgresql.org/docs/8.3/static/libpq-envars.html
-rw-r--r-- | railties/lib/commands/dbconsole.rb | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/railties/lib/commands/dbconsole.rb b/railties/lib/commands/dbconsole.rb
index b81997aa59..17acb7b68f 100644
--- a/railties/lib/commands/dbconsole.rb
+++ b/railties/lib/commands/dbconsole.rb
@@ -2,8 +2,13 @@ require 'erb'
 require 'yaml'
 require 'optparse'

+include_password = false
+
 OptionParser.new do |opt|
- opt.banner = "Usage: dbconsole [environment]"
+ opt.banner = "Usage: dbconsole [options] [environment]"
+ opt.on("-p", "--include-password", "Automatically provide the database from database.yml") do |v|
+ include_password = true
+ end
 opt.parse!(ARGV)
 abort opt.to_s unless (0..1).include?(ARGV.size)
 end
@@ -31,10 +36,13 @@ when "mysql"
 'port' => '--port',
 'socket' => '--socket',
 'username' => '--user',
- 'password' => '--password',
 'encoding' => '--default-character-set'
 }.map { |opt, arg| "#{arg}=#{config[opt]}" if config[opt] }.compact

+ if config['password'] && include_password
+ args << "--password=#{config['password']}"
+ end
+
 args << config['database']

 exec(find_cmd('mysql5', 'mysql'), *args)
@@ -43,7 +51,7 @@ when "postgresql"
 ENV['PGUSER'] = config["username"] if config["username"]
 ENV['PGHOST'] = config["host"] if config["host"]
 ENV['PGPORT'] = config["port"].to_s if config["port"]
- ENV['PGPASSWORD'] = config["password"].to_s if config["password"]
+ ENV['PGPASSWORD'] = config["password"].to_s if config["password"] && include_password
 exec(find_cmd('psql'), config["database"])

 when "sqlite" |
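Review bot: The help string for `--include-password` in the first hunk says it provides "the database" from database.yml, but the flag controls the password, and it gives no hint of the exposure the commit message describes. I would change the line to `opt.on("-p", "--include-password", "Automatically provide the password from database.yml (may be visible to other local users)") do` and drop the unused `|v|` block parameter, since the block never reads it.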
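Review bot: In the `when "mysql"` hunk, a configured password that is not opted in now leaves the client started with no password option at all, so it will most likely attempt a password-less login rather than prompt (unless an option file supplies one). Adding `elsif config['password']` followed by `args << "-p"` after the new `if` would make the client ask for the password on the terminal, which keeps it out of the process list. On the opt-in path the value still lands in the argument vector, which is the exposure the commit message warns about, so a short comment above `args << "--password=#{config['password']}"` saying so would help the next reader. The `when "mysql"` branch starts above the hunk.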
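Review bot: The now-conditional `ENV['PGPASSWORD']` assignment in the `when "postgresql"` hunk carries no comment explaining why it is gated, and the reason lives only in the commit message. I would add above it `# PGPASSWORD can be read by other local users on some platforms; export it only on explicit opt-in.` The linked libpq page also describes a password file as an alternative, which could be mentioned in the same comment. The `when "postgresql"` branch starts above the hunk.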