I just have a question: basic instructions about security and CLI, include the following advice: never put your password in a CLI instruction because it can be sniffed thanks some tools (like ps) and even simply end in your personal history.
For example, it is advised not to put directly your mysql password when using mysql -uroot -ppassword mydatabase. It's advised to do mysql -uroot -p mydatabase and then give your password.
Indeed, isnt't it a problem that anyone can decrypt your files with a simple CTRL-R warshield in your shell?
I'm not a security expert, so I'm just asking cause I'm curious :).
Thanks for your article!
I just have a question: basic instructions about security and CLI, include the following advice: never put your password in a CLI instruction because it can be sniffed thanks some tools (like ps) and even simply end in your personal history.
For example, it is advised not to put directly your mysql password when using
mysql -uroot -ppassword mydatabase. It's advised to domysql -uroot -p mydatabaseand then give your password.Indeed, isnt't it a problem that anyone can decrypt your files with a simple
CTRL-R warshieldin your shell?I'm not a security expert, so I'm just asking cause I'm curious :).
The post isn't updated, WarShield had an update 12 days ago which fix this issue, now the password is asked in the process, outside the command :)
I'll fix the post, thanks to make me notice that!