From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Sean Chittenden <sean(at)chittenden(dot)org> |
Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-patches(at)postgresql(dot)org |
Subject: | Re: Patch to be verbose about being unable to read ~/.pgpasss... |
Date: | 2003-06-23 17:24:11 |
Message-ID: | 1919.1056389051@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-patches |
Sean Chittenden <sean(at)chittenden(dot)org> writes:
> Those notices were sent to setderr earlier, they were already broken:
> at least now there's a ghost of a chance at the app at picking up
> those errors.
The notice in PasswordFromFile is broken, yes, but it is a recent
addition; it has not been there long and has no seniority in my mind.
And no, there's no "ghost of a chance" for the app to pick it up because
PasswordFromFile runs before the app has any opportunity to install a
notice hook into the new connection object.
>> I didn't hear any strong objection to the idea of treating the
>> weak-protection complaint as a hard error (connection failure), so
>> we can fix the already-existing problem by doing that.
> libpq's a library used by many many applications ... do you envison
> calling abort(), exit() or _exit()?
No, I envision returning a failed connection.
> Seems really broken to halt the
> app based on FS permissions. Imagine an ISP web based environment
> with PHP using libpq to connect to PostgreSQL and an insecure .pgpass
> file. Issuing a warning should be plenty sufficient.
There are environments in which attempting to print on stderr leads to
a core dump (Windows is or at least used to be that way). Returning a
failed connection should not be something the app can't deal with ---
if it is, that app has got problems anyway. But insisting that we can
print on stderr may well be something it cannot overcome.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Sean Chittenden | 2003-06-23 17:35:55 | Re: Small perf fixes/cleanup in src/backend/utils/adt/like.c... |
Previous Message | Sean Chittenden | 2003-06-23 17:15:10 | Re: Patch to be verbose about being unable to read ~/.pgpasss... |