Re: pg_dump

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: David Saracini <dsaracini(at)yahoo(dot)com>
Cc: Josh Kupershmidt <schmiddy(at)gmail(dot)com>, pgsql novice forum <pgsql-novice(at)postgresql(dot)org>
Subject: Re: pg_dump
Date: 2009-08-27 01:52:37
Message-ID: 25952.1251337957@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-novice

David Saracini <dsaracini(at)yahoo(dot)com> writes:
> I guess what I'm wishing for is that pg_dumb was changed to where the
> password could be sent via the command line. I've seen this requested
> multiple times and it's always been just rejected. I'm not sure why.
> Anyone know?

Yes: on most platforms, anything exposed on a process command line is
*FAR* more insecure than any of the alternatives you just dismissed out
of hand as not secure enough for you. See "ps" and equivalents.

regards, tom lane

In response to

  • Re: pg_dump at 2009-08-27 01:48:24 from David Saracini

Responses

  • Re: pg_dump at 2009-08-27 02:20:52 from David Saracini

Browse pgsql-novice by date

  From Date Subject
Next Message David Saracini 2009-08-27 02:20:52 Re: pg_dump
Previous Message David Saracini 2009-08-27 01:48:24 Re: pg_dump