Skip site navigation (1) Skip section navigation (2)

Re: PGPASSWORD

From: Oliver Jowett <oliver(at)opencloud(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: postgresbugs <postgresbugs(at)grifent(dot)com>,pgsql-bugs(at)postgresql(dot)org
Subject: Re: PGPASSWORD
Date: 2005-02-25 20:34:47
Message-ID: 421F8BE7.20805@opencloud.com (view raw or flat)
Thread:
Lists: pgsql-bugs
Tom Lane wrote:
> postgresbugs <postgresbugs(at)grifent(dot)com> writes:
> 
>>I would like to recommend removing the deprecation flag from PGPASSWORD. 
> 
> 
> Do you understand why it's deprecated?  It's because on some operating
> systems, everyone on the machine can see your environment variable
> values (if they know how to look).  We cannot prevent that.

Assuming that you can't tweak .pgpass (for example, you're just 
propagating a password you interactively got from the user), what's the 
recommended way to provide the password?

The solution I've seen elsewhere is to pass it on an additional FD 
that's specified in a command-line option ("--password-fd=4"). But AFAIK 
the postgres tools don't support this.

-O

In response to

Responses

pgsql-bugs by date

Next:From: Tom LaneDate: 2005-02-25 20:39:11
Subject: Re: PGPASSWORD
Previous:From: Tom LaneDate: 2005-02-25 16:08:04
Subject: Re: PGPASSWORD

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group