authorMichael Koziarski <michael@koziarski.com>2008-05-31 14:58:34 -0700
committerMichael Koziarski <michael@koziarski.com>2008-05-31 15:30:26 -0700
commit0abf0da0016abc455145810d7060a10e0b56b0b6 (patch)
treec8140c6799c2917ad167ea967a2e2ae086951889
parent4e4bcb4c6b08ed392cd5576dcfc252ef574a1b88 (diff)
Don't provide the password with dbconsole unless explicitly opted in.
Some operating system configurations allow other users to view your process list or environment variables. This option should not be used on shared hosts. http://dev.mysql.com/doc/refman/5.0/en/password-security.html http://www.postgresql.org/docs/8.3/static/libpq-envars.html
-rw-r--r--railties/lib/commands/dbconsole.rb14
1 files changed, 11 insertions, 3 deletions
diff --git a/railties/lib/commands/dbconsole.rb b/railties/lib/commands/dbconsole.rb
index b81997aa59..17acb7b68f 100644
--- a/railties/lib/commands/dbconsole.rb
+++ b/railties/lib/commands/dbconsole.rb
@@ -2,8 +2,13 @@ require 'erb'
require 'yaml'
require 'optparse'
+include_password = false
+
OptionParser.new do |opt|
- opt.banner = "Usage: dbconsole [environment]"
+ opt.banner = "Usage: dbconsole [options] [environment]"
+ opt.on("-p", "--include-password", "Automatically provide the database from database.yml") do |v|
+ include_password = true
+ end
opt.parse!(ARGV)
abort opt.to_s unless (0..1).include?(ARGV.size)
end
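Review bot: The help string for the new `--include-password` option says it provides "the database" from database.yml, but the flag controls the password, so `dbconsole --help` misdescribes a security-relevant switch. I would change it to `opt.on("-p", "--include-password", "Automatically provide the password from database.yml") do`, which also drops the unused block parameter `v`. Since the commit message warns against using the option on shared hosts, the help text is a reasonable place to repeat that the password becomes visible in the process list or environment.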
@@ -31,10 +36,13 @@ when "mysql"
'port' => '--port',
'socket' => '--socket',
'username' => '--user',
- 'password' => '--password',
'encoding' => '--default-character-set'
}.map { |opt, arg| "#{arg}=#{config[opt]}" if config[opt] }.compact
+ if config['password'] && include_password
+ args << "--password=#{config['password']}"
+ end
+
args << config['database']
exec(find_cmd('mysql5', 'mysql'), *args)
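Review bot: When database.yml has a `password` entry and `--include-password` is not given, mysql is now started with no password option at all, so the client will most likely not prompt and the login simply fails. An extra branch on the new `if`, `elsif config['password']` followed by `args << "-p"`, would make the client ask for the password interactively without putting it on the command line. A short comment above the `if` saying that `--password=...` is readable through the process list on some systems would keep a later edit from folding the password back into the option map. The `when "mysql"` branch and the `args =` assignment begin outside this hunk.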
@@ -43,7 +51,7 @@ when "postgresql"
ENV['PGUSER'] = config["username"] if config["username"]
ENV['PGHOST'] = config["host"] if config["host"]
ENV['PGPORT'] = config["port"].to_s if config["port"]
- ENV['PGPASSWORD'] = config["password"].to_s if config["password"]
+ ENV['PGPASSWORD'] = config["password"].to_s if config["password"] && include_password
exec(find_cmd('psql'), config["database"])
when "sqlite"
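Review bot: The added `&& include_password` condition on the `PGPASSWORD` line carries no comment explaining why the password is withheld by default, and the line reads like an oversight next to the unconditional `PGUSER`/`PGHOST`/`PGPORT` assignments. I would add above it `# PGPASSWORD can be read by other local users on some systems; export it only when --include-password was given`. If I read the libpq page linked in the commit message correctly, a password file (`~/.pgpass`) is the preferred way to supply it non-interactively, which may be worth naming in that comment. The `when "postgresql"` branch starts outside this hunk.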