R: Authentication in batch processing

> -----Messaggio originale-----
> Da: Bruce Momjian [mailto:pgman(at)candle(dot)pha(dot)pa(dot)us]
> Inviato: mercoledì 10 luglio 2002 4.11
> A: Kevin Brannen
> Cc: pgsql-admin(at)postgresql(dot)org
> Oggetto: Re: [ADMIN] Authentication in batch processing
>
>
> Kevin Brannen wrote:
> > Bruce Momjian wrote:
> > ...
> > >
> > > 7.3 may remove PGPASSWORD, I think, and instead allow you
> to specify
> > > a file that contains the password.
> >
> > But do you know how many hours it took me to find out about
> PGPASSWORD
> > in the docs and now you want to change that? :-)
> >
> > How about all 4 approaches: on the command-line, from an env-var,
> > from
> > a file, and finally prompting if there's a tty. Pick any
> order you want
> > on the first 3, but flexibility is important, and circumstances do
> > change over time that may make 1 more desireable then the others.
>
> PGPASSWORD is a security problem on platforms that can show
> environment variables, mostly *BSD's, and most people don't
> know it is visible.

Even on linux platforms is vulnerable by typing:

ps -e ewww

--------------------------------------------------
xmedia
New Media Agency
--------------------------------------------------
Stefano Coletta <mailto:coletta(at)xmedia(dot)net>
Network Admin <http://www.xmedia.net>
via Francesco Benaglia, 13 - Tel. +39 06 588851
00153 Roma Italy fax +39 06 58885016
--------------------------------------------------