Skip site navigation (1) Skip section navigation (2)

Re: [GENERAL] worried about PGPASSWORD drop

From: Alvaro Herrera <alvherre(at)atentus(dot)com>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: [GENERAL] worried about PGPASSWORD drop
Date: 2002-08-29 02:05:55
Message-ID: 20020828220555.328b9352.alvherre@atentus.com (view raw or flat)
Thread:
Lists: pgsql-generalpgsql-patches
En Wed, 28 Aug 2002 17:33:34 -0400 (EDT)
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> escribió:

> Alvaro Herrera wrote:
> > Bruce Momjian dijo: 
> > 
> > > Tom Lane wrote:
> > 
> > > > If you want to put in security restrictions that are actually useful,
> > > > where is the code to verify that PGPASSWORDFILE points at a
> > > > non-world-readable file?  That needs to be there now, not later, or
> > > > we'll have people moaning about backward compatibility when we finally
> > > > do plug that hole.
> > > 
> > > Agreed.
> > 
> > Point taken, will look into it later.
> 
> Here is some code from postmaster.c that may help:

Thank you.  Patch attached.  Note that it also checks group access; I think
that is desired as well.

-- 
Alvaro Herrera (<alvherre[a]atentus.com>)
"Cuando mañana llegue pelearemos segun lo que mañana exija" (Mowgli)

Attachment: libpq-perm.patch
Description: application/octet-stream (1.4 KB)

In response to

Responses

pgsql-patches by date

Next:From: Tom LaneDate: 2002-08-29 05:22:14
Subject: Re: small mistakes in func.sgml
Previous:From: Tom LaneDate: 2002-08-29 01:50:41
Subject: Re: Concern about memory management with SRFs

pgsql-general by date

Next:From: Andy SamuelDate: 2002-08-29 02:58:43
Subject: Re: [Pgreplication-general] Master/Slave is in town!
Previous:From: Martijn van OosterhoutDate: 2002-08-28 23:18:14
Subject: Re: Naming-scheme for db-files

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group