Skip site navigation (1) Skip section navigation (2)

Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up

From: Hannu Krosing <hannu(at)tm(dot)ee>
To: Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up
Date: 2001-11-28 15:03:47
Message-ID: 3C04FCD3.6271235D@tm.ee (view raw or flat)
Thread:
Lists: pgsql-hackers
Lincoln Yeoh wrote:
> 
> At 01:08 AM 11/28/01 -0500, Tom Lane wrote:
> >Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> >> ... But because we are Internet-enabled,
> >> and because our insecurity is only local, it seems OK to people.
> >
> >It's not that it's "okay", it's that we haven't got any good
> >alternatives.  Password auth sucks from a convenience point of view
> >(or even from a possibility point of view, for scripts; don't forget
> >the changes that you yourself recently applied to guarantee that a
> >script *cannot* supply a password to psql).  Ident auth doesn't work,
> >
> 
> Ack. We can't send in passwords to psql anymore? :(
> 
> Is there a safe way to send username and password to psql?

smbclient does it via a file which must be 0600, but I don't know if 
psql has anything like that.

-----------
Hannu

In response to

pgsql-hackers by date

Next:From: Vince VielhaberDate: 2001-11-28 15:10:40
Subject: Re: Sequence docs
Previous:From: Thomas LockhartDate: 2001-11-28 15:03:07
Subject: Re: Sequence docs

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group