Re: worried about PGPASSWORD drop

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Christoph Dalitz <christoph(dot)dalitz(at)hs-niederrhein(dot)de>, PG Mailing List <pgsql-general(at)postgresql(dot)org>
Subject: Re: worried about PGPASSWORD drop
Date: 2002-08-28 14:01:21
Message-ID: 20895.1030543281@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general pgsql-patches

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> The reason for the suggested removal is that we don't have a way of
> knowing with OS's are secure, and which are not. If we could determine
> which OS's were secure, and enable it only on those, it would be OK to
> keep it.

It is not our job to dictate security policy to users. Even on a
platform where environment variables are insecure, the user might be
willing to use PGPASSWORD. For example, suppose it's a laptop with
only one user, connecting via psql to a remote server that demands
passwords. PGPASSWORD could be a perfectly convenient and safe
solution.

We should deprecate it, explain exactly why it's deprecated (which the
current docs fail to do), and leave it up to the user to decide whether
it's safe to use in his context.

If you want to put in security restrictions that are actually useful,
where is the code to verify that PGPASSWORDFILE points at a
non-world-readable file? That needs to be there now, not later, or
we'll have people moaning about backward compatibility when we finally
do plug that hole.

regards, tom lane

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Bruce Momjian 2002-08-28 14:13:12 Re: worried about PGPASSWORD drop
Previous Message Bruce Momjian 2002-08-28 13:54:56 Re: worried about PGPASSWORD drop

Browse pgsql-patches by date

  From Date Subject
Next Message Bruce Momjian 2002-08-28 14:13:12 Re: worried about PGPASSWORD drop
Previous Message Bruce Momjian 2002-08-28 13:54:56 Re: worried about PGPASSWORD drop