Re: BUG #1567: can't hide password with pg_autovacuum

I believe that pg_autovacuum will work with a .pgpass file just like any
libpq based application.

Olivier Thauvin wrote:

>The following bug has been logged online:
>
>Bug reference: 1567
>Logged by: Olivier Thauvin
>Email address: nanardon(at)nanardon(dot)homelinux(dot)org
>PostgreSQL version: 8.0.1
>Operating system: Linux (Mandrake cooker)
>Description: can't hide password with pg_autovacuum
>Details:
>
>I found an security with pg_autovacuum :(
>After looking the README and --help, it seems there is no way to start it
>with a configuration file.
>
>This is not a problem except when the database is password protected, so you
>have to use -P option to get it started (no prompt excpet I missed
>something).
>
>The potential issue come from ps, the password is show in clear:
>
>nanardon 28664 0.4 0.0 3644 1384 ? Ss 04:05 0:00 pg_autovacuum
>-D -s rpm2sql -PXXXXXX
>
>XXXXXX is my password in clear (hidden here of course).
>As you can see, there is enought information here for someone having an
>account on the host to connect to DB with admin privileges on the DB (not as
>postgres user of course, but only the owner of the db can vacuum).
>
>Solution:
>- change the command line after start like some ftp client does
>- having the possiblility to read password from a file
>- taking password from envirronment variable (AUTOVACUUM_PASS=pass
>pg_autovacuum...)
>
>If I have any time, I will try to provide a patch, but my knowledge in C are
>too poor to ensure quality :(
>
>---------------------------(end of broadcast)---------------------------
>TIP 9: the planner will ignore your desire to choose an index scan if your
> joining column's datatypes do not match
>
>
>