Skip site navigation (1) Skip section navigation (2)

Re: specifying a password on the cmd line for db connect

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Jasen Betts <jasen(at)xnet(dot)co(dot)nz>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: specifying a password on the cmd line for db connect
Date: 2009-11-26 15:27:07
Message-ID: 1933.1259249227@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-general
Jasen Betts <jasen(at)xnet(dot)co(dot)nz> writes:
> On 2009-11-17, Ashesh Vashi <ashesh(dot)vashi(at)enterprisedb(dot)com> wrote:
>> You can always use the environment variable PGPASSWORD to do that.
>> Though - it is not recommended to use for security reason. :(

> as long as it's not in the default environment it's better than a
> command-line password.

On some platforms it's possible to see all of a process's environment
variables using ps-like tools.  That's why PGPASSWORD is deprecated.
If you're certain that your platform is not like this, then
"export PGPASSWORD=foo" is probably reasonably safe.  On the whole,
though, a .pgpass file is probably safer as well as more convenient.

			regards, tom lane

In response to

pgsql-general by date

Next:From: Alan HodgsonDate: 2009-11-26 15:38:58
Subject: Re: READ ONLY & I/O ERROR
Previous:From: Chris BarnesDate: 2009-11-26 14:54:28
Subject: Bestpractice for upgrading from enterpriseDB 8.3.3 to rpm 8.4.1.

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group