| From: | Alvaro Herrera <alvherre(at)atentus(dot)com> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: [GENERAL] worried about PGPASSWORD drop |
| Date: | 2002-08-29 02:05:55 |
| Message-ID: | 20020828220555.328b9352.alvherre@atentus.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-patches |
En Wed, 28 Aug 2002 17:33:34 -0400 (EDT)
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> escribió:
> Alvaro Herrera wrote:
> > Bruce Momjian dijo:
> >
> > > Tom Lane wrote:
> >
> > > > If you want to put in security restrictions that are actually useful,
> > > > where is the code to verify that PGPASSWORDFILE points at a
> > > > non-world-readable file? That needs to be there now, not later, or
> > > > we'll have people moaning about backward compatibility when we finally
> > > > do plug that hole.
> > >
> > > Agreed.
> >
> > Point taken, will look into it later.
>
> Here is some code from postmaster.c that may help:
Thank you. Patch attached. Note that it also checks group access; I think
that is desired as well.
--
Alvaro Herrera (<alvherre[a]atentus.com>)
"Cuando mañana llegue pelearemos segun lo que mañana exija" (Mowgli)
| Attachment | Content-Type | Size |
|---|---|---|
| libpq-perm.patch | application/octet-stream | 1.4 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andy Samuel | 2002-08-29 02:58:43 | Re: [Pgreplication-general] Master/Slave is in town! |
| Previous Message | Martijn van Oosterhout | 2002-08-28 23:18:14 | Re: Naming-scheme for db-files |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2002-08-29 05:22:14 | Re: small mistakes in func.sgml |
| Previous Message | Tom Lane | 2002-08-29 01:50:41 | Re: Concern about memory management with SRFs |