Re: pgpass.conf

From: Shane Ambler <pgsql(at)Sheeky(dot)Biz>
To: Graeme Gould <graeme(dot)gould(at)aragon-housing(dot)co(dot)uk>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: pgpass.conf
Date: 2008-05-24 09:30:43
Message-ID: 4837E043.6000504@Sheeky.Biz
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Graeme Gould wrote:
> Hi
>
> I have noticed something relating to this file that I am slightly
> worried about. If you open the pgpass.conf file with Notepad it
> displays the full contents in open text - including the administrator
> name and password.
>
> Is this something that other people have come across and has
> protecting/ciphering this information ever been considered?
>

Yes that is normal and I don't believe there is any plan to change it.

From the manual -

<quote>
On Unix systems, the permissions on .pgpass must disallow any access to
world or group; achieve this by the command chmod 0600 ~/.pgpass. If the
permissions are less strict than this, the file will be ignored. On
Microsoft Windows, it is assumed that the file is stored in a directory
that is secure, so no special permissions check is made.
</quote>

So on windows it is assumed that the owner of the file (the one who's
home dir it is located in and the one running the software that will use
it) is the only one that can access the data in the file. Normal
permissions setup on windows will match this.

It's use is a convenience and I think for the most part not highly
recommended.

--

Shane Ambler
pgSQL (at) Sheeky (dot) Biz

Get Sheeky @ http://Sheeky.Biz

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Ganimede 2008-05-25 20:38:59 make hangs on Solaris 2.6
Previous Message Jeff Frost 2008-05-23 22:18:49 Re: Continuing issues... Can't vacuum!