DEV Community

Discussion on: Protect your data with WarShield

Collapse
einenlum profile image
Yann Rabiller

Thanks for your article!

I just have a question: basic instructions about security and CLI, include the following advice: never put your password in a CLI instruction because it can be sniffed thanks some tools (like ps) and even simply end in your personal history.

For example, it is advised not to put directly your mysql password when using mysql -uroot -ppassword mydatabase. It's advised to do mysql -uroot -p mydatabase and then give your password.

Indeed, isnt't it a problem that anyone can decrypt your files with a simple CTRL-R warshield in your shell?

I'm not a security expert, so I'm just asking cause I'm curious :).

Collapse
quantumsheep profile image
Nathanael Demacon Author

The post isn't updated, WarShield had an update 12 days ago which fix this issue, now the password is asked in the process, outside the command :)

I'll fix the post, thanks to make me notice that!