| From: | Peter Eisentraut <peter(at)eisentraut(dot)org> |
|---|---|
| To: | Reda Agaoua <reda(dot)agaoua(at)gmail(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Suggestion : support for environment variable in initdb to set the superuser password |
| Date: | 2025-05-28 11:26:01 |
| Message-ID: | e4de310d-ac45-4a51-9411-359c4f312cac@eisentraut.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 27.05.25 11:43, Reda Agaoua wrote:
> I do believe it can be useful in a variety of settings, but I'm not sure
> whether this is secure. Specifically, the documentation advises against
> using PGPASSWORD for connecting to postgres :
>
> "Use of this environment variable is not recommended for security
> reasons, as some operating systems allow non-root users to see process
> environment variables via ps; instead consider using a password file
> (see Section 32.16)." (32.15. Environment Variables)
>
> In my opinion, the context for using PGPASSWORD (i.e. connecting to an
> instance) is very different from that of initdb, where the password is
> only used once during cluster initialization. So I think the security
> concerns from section 32.16 may not necessarily apply here.
Well, insecure is insecure. "Insecure, but it's ok because it's not
used very often" is not a valid excuse.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tender Wang | 2025-05-28 11:30:09 | Re: Standardize the definition of the subtype field of AlterDomainStmt |
| Previous Message | Peter Eisentraut | 2025-05-28 11:22:51 | Re: Standardize the definition of the subtype field of AlterDomainStmt |