Bruce Momjian <bruce(at)momjian(dot)us> writes:
> Magnus Hagander wrote:
>> PGPASSFILE takes a full path name, so you can put the file anywhere you
>> want. Just like on Unix.
> OK, so we _do_ need to check the permissions on pgpass on Win32, but we
> just don't know how to do that?
We could ignore PGPASSFILE on Windows, or restrict it to be in the
secure directory ...
regards, tom lane