| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | hubert depesz lubaczewski <depesz(at)gmail(dot)com> |
| Cc: | John Scalia <jayknowsunix(at)gmail(dot)com>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Using psql, pg_dump, pg_restore in a script |
| Date: | 2014-06-16 23:33:30 |
| Message-ID: | 25613.1402961610@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
hubert depesz lubaczewski <depesz(at)gmail(dot)com> writes:
> Giving password as command line option would show it to everybody.
Exactly.
> On the other hand - plaintext file should have privileges set so that
> noone, except for owner of the account from which you're running
> psql/pg_dump/pg_restore, can read it.
> If you prefer, you can set PGPASSWORD environment variable - it will also
> be used by all 3 of these programs (and most other).
Note that environment variables are also unsafe on some platforms, though
(I think) not all. The .pgpass solution is actually quite the safest one.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Евгений Селявка | 2014-06-17 09:00:33 | Re: PostgreSQL db |
| Previous Message | hubert depesz lubaczewski | 2014-06-16 19:49:05 | Re: Using psql, pg_dump, pg_restore in a script |