| From: | Doug McNaught <doug(at)wireboard(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my>, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up |
| Date: | 2001-11-28 16:46:20 |
| Message-ID: | m3vgfuq1wj.fsf@belphigor.mcnaught.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:
> Doug McNaught <doug(at)wireboard(dot)com> writes:
> > But this way the password ends up in the environment, which on many
> > systems is visible to other processes/users (via /proc or the 'ps'
> > command).
>
> Your *environment* is visible to other users? Geez, what a broken
> system ...
True on Solaris (/usr/ucb/ps -eax) at least. Other systems too I'm
pretty sure. I thought that Linux let you do it but I just checked
and /proc/<pid>/environ is mode 0400...
-Doug
--
Let us cross over the river, and rest under the shade of the trees.
--T. J. Jackson, 1863
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zeugswetter Andreas SB SD | 2001-11-28 16:48:51 | Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up |
| Previous Message | Jason Earl | 2001-11-28 16:45:09 | Re: Week number |