Adam Laurie wrote:
> Michael Widenius wrote:
> > >>>>> "Adam" == Adam Laurie <adam@stripped> writes:
> > Adam> Can I suggest you create an empty ~/.my.cnf with the correct file
> > Adam> permisions (i.e. same as ~/.mysql_history) so that later setups don't
> > Adam> inadvertantly leak passwords & stuff...
> > The question is when to do this. We can't to this when installing
> > MySQL, as the there is probably going to be many more users than just
> > the one that is doing the install. I also don't think it's a good idea to
> > automaticly create the above file in all our clients.
> i would do it at the same time you create the ~/.my.history file - i.e.
> the first time you run a client.
> > One solution would be te check the permission of the ~/.my.cnf file
> > each time you start the mysql client and if it's readable for all give
> > a warning for this. Do you think this would be good enough for you?
> no, because the user may not understand/care about the issue. we have to
> protect against lazy/dumb users. a warning would be good as well, so if
> they accidentally change it's permissions they get to notice.
Not only should the client give a warning,
it could remove the extra permission(s) as well.
That way, users who care about warnings will find out what happened,
and users who don't care will have it done nonetheless, automagically.