Re: postgresql-7.1.3 pg_ctl password authentication and startup

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Benjamin Yu <benjaminlyu(at)yahoo(dot)com>, pgsql-patches(at)postgresql(dot)org
Subject: Re: postgresql-7.1.3 pg_ctl password authentication and startup
Date: 2001-10-12 06:25:14
Message-ID: 24569.1002867914@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> Can I get comments on this?

Ugh.

> It allows storage of a super-user password
> in a file under /data that gets passed in psql. I don't like the fact
> the password is stored unencrypted

Entirely unacceptable IMHO. We just spent a large amount of work to
eliminate the need to keep any unencrypted passwords inside $PGDATA
... and this patch proposes to sling one right back in there, in an
easy-to-find place no less. Mess up the protection on $PGDATA, and
you've given away the store.

pg_ctl is certainly in need of work for systems that use password
security, but this is not a good fix.

regards, tom lane

In response to

Browse pgsql-patches by date

  From Date Subject
Next Message Tom Lane 2001-10-12 06:31:15 Re: psql: default base and password reading
Previous Message Thomas Lockhart 2001-10-12 05:53:47 Re: psql: default base and password reading