| From: | Doug McNaught <doug(at)mcnaught(dot)org> |
|---|---|
| To: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
| Cc: | "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: initdb initial password |
| Date: | 2004-06-15 23:18:18 |
| Message-ID: | 87acz4l8at.fsf@asmodeus.mcnaught.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
"Magnus Hagander" <mha(at)sollentuna(dot)net> writes:
>>> I would like to add capability to initdb to accept the
>>password for the
>>> superuser account at invocation. Right now, I can use
>>--pwprompt or -W
>>> to have it ask for a password. But for the win32 GUI
>>installed I'd like
>>> to ask for the password in the installer, and pass it to initdb.
>>> Considering how it's done in different places, what's the
>>preferred way
>>> to do this? Commandline parameter? Environment variable? Other (what
>>> would that be?)
>>
>>There's a reason why it's done that way, which is that the others are
>>all insecure. At least on some Unixen.
>
> Other binaries accept the password as an environment variable. Are you
> saying that it's secure to pass it as environment variable to
> psql/pgdump/etc but not to initdb? If so, care to enlighten me as to why
> this is different (I'm clearly not seeing why..)?
The environment variable is there for backward compatibility, but it's
deprecated. There's no reason to enable that functionality in new
code.
-Doug
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Sabino Mullane | 2004-06-15 23:36:51 | Re: Improving postgresql.conf |
| Previous Message | Chris Bowlby | 2004-06-15 23:02:21 | Re: pg_restore recovery from error. |