| From: | Martijn van Oosterhout <kleptog(at)svana(dot)org> |
|---|---|
| To: | Zlatko Mati? <zlatko(dot)matic1(at)sb(dot)t-com(dot)hr> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: How to secure pgpass file from unauthorized reading of passwords ? (WIndows) |
| Date: | 2005-10-12 13:02:25 |
| Message-ID: | 20051012130225.GC20074@svana.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Oct 12, 2005 at 11:34:58AM +0200, Zlatko Mati? wrote:
> Hello.
>
> It seems that for all automated tasks (backup, autovacuum etc.) passwords should be provided by pgpass file.
> But, anyone can read pgpass file....
>
> How can I make it secure that nobody can read it, except programs for backup and autovacuum ?
Err, normal filesystem permissions. Say mode 600 in UNIX.
If you're using UNIX you can allow ident auth via UNIX domain for the
backup user. That's very secure.
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Reinhard Max | 2005-10-12 13:12:32 | Re: PostgreSQL missing in SuSE 10? |
| Previous Message | Andrew Sullivan | 2005-10-12 12:10:59 | Re: PostgreSQL 8.1 vs. MySQL 5.0? |