Skip site navigation (1) Skip section navigation (2)

Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opensup

From: "Zeugswetter Andreas SB SD" <ZeugswetterA(at)spardat(dot)at>
To: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "Christopher Kings-Lynne" <chriskl(at)familyhealth(dot)com(dot)au>
Cc: "Antonio Fiol Bonnin" <fiol(at)w3ping(dot)com>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Doug McNaught" <doug(at)wireboard(dot)com>, "Lincoln Yeoh" <lyeoh(at)pop(dot)jaring(dot)my>, "Hackers" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opensup
Date: 2001-11-30 11:06:32
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
> Of course, given that most OS's don't have the 'ps' environment
> maybe we have to keep PGPASSWORD around.  It is up to the group.  Do
> people want me to change my wording of the option in the SGML sources?
>   <envar>PGPASSWORD</envar>
>   sets the password used if the backend demands password
>   authentication. This is not recommended because the password can
>   be read by others using a <command>ps</command> environment flag
>   on some platforms.

I think the wording is good. I would keep supporting the envar.

What exactly speaks against a commandline switch, that gets hidden
with the postmaster argv trick, and a similar notice as for PGPASSWORD.
For me, this would be the most convenient form of supplying a password
(if I used db side passwords :-).



pgsql-hackers by date

Next:From: Thomas LockhartDate: 2001-11-30 13:51:55
Subject: Re: History question
Previous:From: Karel ZakDate: 2001-11-30 10:53:38
Subject: Re: History question

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group