Re: Storing the password in .pgpass file in an encrypted format

From: Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>
To: firoz e v <firoz(dot)ev(at)huawei(dot)com>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Storing the password in .pgpass file in an encrypted format
Date: 2014-02-21 14:15:11
Message-ID: 20140221141511.GJ4759@eldon.alvh.no-ip.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

firoz e v wrote:
> Hi,
>
> Is there a way to store the password in ".pgpass" file in an encrypted format (for example, to be used by pg_dump).
>
> Even though, there are ways to set the permissions on .pgpass, to disallow any access to world or group, the security rules of many organizations disallow to hold any kind of passwords, as plain text.
>
> If there is no existing way to do this, shall we take up this, as a patch?

Maybe you can memfrob() the password to encrypt it before writing, and
then memfrob() it back before applying it. Would that be secure?

--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Christian Kruse 2014-02-21 14:28:52 Re: Storing the password in .pgpass file in an encrypted format
Previous Message Hadi Moshayedi 2014-02-21 14:11:53 Cost estimation in foreign data wrappers