| From: | Oliver Jowett <oliver(at)opencloud(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | postgresbugs <postgresbugs(at)grifent(dot)com>, pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: PGPASSWORD |
| Date: | 2005-02-25 20:34:47 |
| Message-ID: | 421F8BE7.20805@opencloud.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Tom Lane wrote:
> postgresbugs <postgresbugs(at)grifent(dot)com> writes:
>
>>I would like to recommend removing the deprecation flag from PGPASSWORD.
>
>
> Do you understand why it's deprecated? It's because on some operating
> systems, everyone on the machine can see your environment variable
> values (if they know how to look). We cannot prevent that.
Assuming that you can't tweak .pgpass (for example, you're just
propagating a password you interactively got from the user), what's the
recommended way to provide the password?
The solution I've seen elsewhere is to pass it on an additional FD
that's specified in a command-line option ("--password-fd=4"). But AFAIK
the postgres tools don't support this.
-O
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2005-02-25 20:39:11 | Re: PGPASSWORD |
| Previous Message | Tom Lane | 2005-02-25 16:08:04 | Re: PGPASSWORD |