From: | Thomas Bley <thbley(at)gmail(dot)com> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: password is no required, authentication is overridden |
Date: | 2006-07-18 21:54:44 |
Message-ID: | 44BD58A4.5090702@gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
or maybe split the file up into sections like this example:
[pgadmin3]
localhost:5432:*:postgres:post
[pg_dump]
[psql]
bye
Thomas
Andrew Dunstan wrote:
> Thomas Bley wrote:
>
>>
>>
>> + The .pgpass file will be automatically created if you're using
>> pgAdmin III with "store password" being enabled in the connection
>> settings.
>>
>
> It strikes me that this is actually a bad thing for pgadmin3 to be
> doing. It should use its own file, not the deafult location, at least
> if the libpq version is >= 8.1. We provided the PGPASSFILE environment
> setting just so programs like this could use alternative locations for
> the pgpass file. Otherwise, it seems to me we are violating the POLS,
> as in the case of this user who not unnaturally thought he had found a
> major security hole.
>
> cheers
>
> andrew
>
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Hammond | 2006-07-18 22:00:29 | Re: using constraint based paritioning to fix EAV |
Previous Message | Andrew Dunstan | 2006-07-18 21:41:53 | Re: password is no required, authentication is overridden |