Skip site navigation (1) Skip section navigation (2)

Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opensup

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Zeugswetter Andreas SB SD <ZeugswetterA(at)spardat(dot)at>
Cc: Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, Antonio Fiol Bonnin <fiol(at)w3ping(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Doug McNaught <doug(at)wireboard(dot)com>, Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my>, Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opensup
Date: 2001-11-30 17:45:06
Message-ID: 200111301745.fAUHj7F18418@candle.pha.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
> 
> > Of course, given that most OS's don't have the 'ps' environment
> problem,
> > maybe we have to keep PGPASSWORD around.  It is up to the group.  Do
> > people want me to change my wording of the option in the SGML sources?
> > 
> >   <envar>PGPASSWORD</envar>
> >   sets the password used if the backend demands password
> >   authentication. This is not recommended because the password can
> >   be read by others using a <command>ps</command> environment flag
> >   on some platforms.
> 
> I think the wording is good. I would keep supporting the envar.
> 
> What exactly speaks against a commandline switch, that gets hidden
> with the postmaster argv trick, and a similar notice as for PGPASSWORD.
> For me, this would be the most convenient form of supplying a password
> (if I used db side passwords :-).

We can hide it but it will be visible for a short period, and many
operating systems either don't allow us to modify the ps args or have
ways of circumventing custom ps display, i.e. it doesn't show updated ps
display if the process is swapped out because ps can't get to the
user-space definitions of the custom args.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

In response to

Responses

pgsql-hackers by date

Next:From: Tom LaneDate: 2001-11-30 17:55:38
Subject: Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opensup
Previous:From: Bruce MomjianDate: 2001-11-30 17:38:42
Subject: Re: History question

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group