| From: | Reda Agaoua <reda(dot)agaoua(at)gmail(dot)com> |
|---|---|
| To: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Suggestion : support for environment variable in initdb to set the superuser password |
| Date: | 2025-05-27 09:43:11 |
| Message-ID: | CAN+XrdW3PH8kmbUAtfKduycuPDOPQ-KSfVXBgGzx=unJ_O_nGg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
The initdb command currently supports prompting for the superuser password
using --pwprompt or reading it from a file using --pwfile. I’m wondering if
it might also make sense to allow specifying the password via an
environment variable.
I do believe it can be useful in a variety of settings, but I'm not sure
whether this is secure. Specifically, the documentation advises against
using PGPASSWORD for connecting to postgres :
"Use of this environment variable is not recommended for security reasons,
as some operating systems allow non-root users to see process environment
variables via ps; instead consider using a password file (see Section
32.16)." (32.15. Environment Variables)
In my opinion, the context for using PGPASSWORD (i.e. connecting to an
instance) is very different from that of initdb, where the password is only
used once during cluster initialization. So I think the security concerns
from section 32.16 may not necessarily apply here.
I'm looking to contribute to postgres and I'm pretty sure this would be a
good opportunity for getting into the code, but I'm not sure if this idea
is relevant and I’d appreciate your thoughts on whether it's worth pursuing.
Best regards,
Reda AGAOUA
| From | Date | Subject | |
|---|---|---|---|
| Next Message | wenhui qiu | 2025-05-27 09:44:41 | Re: Standardize the definition of the subtype field of AlterDomainStmt |
| Previous Message | Alexander Korotkov | 2025-05-27 09:18:12 | Re: Slot's restart_lsn may point to removed WAL segment after hard restart unexpectedly |