Skip site navigation (1) Skip section navigation (2)

Re: pgpass.conf

From: Shane Ambler <pgsql(at)Sheeky(dot)Biz>
To: Graeme Gould <graeme(dot)gould(at)aragon-housing(dot)co(dot)uk>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: pgpass.conf
Date: 2008-05-24 09:30:43
Message-ID: 4837E043.6000504@Sheeky.Biz (view raw or flat)
Thread:
Lists: pgsql-admin
Graeme Gould wrote:
> Hi
> 
> I have noticed something relating to this file that I am slightly 
> worried about.  If you open the pgpass.conf file with Notepad it 
> displays the full contents in open text - including the administrator
>  name and password.
> 
> Is this something that other people have come across and has 
> protecting/ciphering this information ever been considered?
> 

Yes that is normal and I don't believe there is any plan to change it.

 From the manual -

<quote>
On Unix systems, the permissions on .pgpass must disallow any access to
world or group; achieve this by the command chmod 0600 ~/.pgpass. If the
permissions are less strict than this, the file will be ignored. On
Microsoft Windows, it is assumed that the file is stored in a directory
that is secure, so no special permissions check is made.
</quote>

So on windows it is assumed that the owner of the file (the one who's
home dir it is located in and the one running the software that will use
it) is the only one that can access the data in the file. Normal
permissions setup on windows will match this.

It's use is a convenience and I think for the most part not highly
recommended.




-- 

Shane Ambler
pgSQL (at) Sheeky (dot) Biz

Get Sheeky @ http://Sheeky.Biz

In response to

pgsql-admin by date

Next:From: GanimedeDate: 2008-05-25 20:38:59
Subject: make hangs on Solaris 2.6
Previous:From: Jeff FrostDate: 2008-05-23 22:18:49
Subject: Re: Continuing issues... Can't vacuum!

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group