PT-23 - ps files in pt-stalk samples disclose MySQL password

- Added password-related warnings into the documentation

bin/pt-stalk

@@ -1848,8 +1848,7 @@ if    [ "${0##*/}" = "$TOOL" ] \
    EXT_ARGV="$(arrange_mysql_options "$EXT_ARGV $MYSQL_ARGS")"
 
    # Test if MySQL password provided on command line; warn if so.
-   # Matches: --password=VALUE or -pVALUE (short form with no space)
-   if [ -n "$OPT_PASSWORD" ] || $(echo "$EXT_ARGV" | grep -qP "(--password=.+?)|(^|\s)-p[^\s-]+(\s|$)"); then
+   if [ -n "$OPT_PASSWORD" ] || $(echo "$EXT_ARGV" | grep -qP "(\-\-password=)|((^|\s)+\-p[^\s]+)"); then
       log 'Providing MySQL password on the command line interface is insecure. It will be visible in the operating system process list and stored in the collected output of the ps command. Consider using a configuration file or the --ask-pass option instead.';
    fi
 
@@ -1948,6 +1947,8 @@ server.  Before using this tool, please:
 
 =item * Backup your production server and verify the backups
 
+=item * Do NOT provide the MySQL password on the command line with the L<"--password"> option. MySQL passwords provided on the command line are visible to all users on the system and are stored in the collected output of the C<"ps"> command. Use a MySQL option file or the L<"--ask-pass"> option instead.
+
 =back
 
 =head1 DESCRIPTION
@@ -2274,6 +2275,10 @@ short form: -p; type: string
 Password to use when connecting.
 If password contains commas they must be escaped with a backslash: "exam\,ple"
 
+B<WARNING>: Providing the password on the command line is insecure. The password will
+be visible to all users on the system and will be stored in the collected output of
+the C<"ps"> command. Use a MySQL option file or the L<"--ask-pass"> option instead.
+
 =item --pid
 
 type: string; default: /var/run/pt-stalk.pid