| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | postgres-bug(at)gms(dot)tf |
| Cc: | pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #15930: Redact PGPASSWORD environment variable in psql |
| Date: | 2019-07-27 15:23:29 |
| Message-ID: | 20360.1564241009@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
PG Bug reporting form <noreply(at)postgresql(dot)org> writes:
> Under Linux, when supplying the password via PGPASSWORD to the psql command
> the password can be easily retrieved from the /proc/$pid/environ pseudo file
> (or indirectly with e.g. `ps ae`) - for the complete runtime of the psql
> process.
This is true on many OSes. Generally speaking, we deprecate use of
PGPASSWORD at all on such platforms. Having psql try to clear it out
seems rather pointless to me, as (a) that does nothing for instances
of the value that appear in the environments of ancestor processes,
and (b) I doubt there is any platform-independent way to hide it.
FWIW, Postgres offers a number of other authentication mechanisms
that can be both more secure and more convenient than passwords.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2019-07-27 16:53:21 | Re: Multiple inheritance and ALTER TABLE issue |
| Previous Message | PG Bug reporting form | 2019-07-27 15:16:55 | BUG #15930: Redact PGPASSWORD environment variable in psql |