| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Jasen Betts <jasen(at)xnet(dot)co(dot)nz> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: specifying a password on the cmd line for db connect |
| Date: | 2009-11-26 15:27:07 |
| Message-ID: | 1933.1259249227@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Jasen Betts <jasen(at)xnet(dot)co(dot)nz> writes:
> On 2009-11-17, Ashesh Vashi <ashesh(dot)vashi(at)enterprisedb(dot)com> wrote:
>> You can always use the environment variable PGPASSWORD to do that.
>> Though - it is not recommended to use for security reason. :(
> as long as it's not in the default environment it's better than a
> command-line password.
On some platforms it's possible to see all of a process's environment
variables using ps-like tools. That's why PGPASSWORD is deprecated.
If you're certain that your platform is not like this, then
"export PGPASSWORD=foo" is probably reasonably safe. On the whole,
though, a .pgpass file is probably safer as well as more convenient.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alan Hodgson | 2009-11-26 15:38:58 | Re: READ ONLY & I/O ERROR |
| Previous Message | Chris Barnes | 2009-11-26 14:54:28 | Bestpractice for upgrading from enterpriseDB 8.3.3 to rpm 8.4.1. |