From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my>, Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens |
Date: | 2001-11-28 19:55:34 |
Message-ID: | 3843.1006977334@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> The idea of allowing the password to be stored in a file with 600
> permissions seems quite standard. CVS does this.
Seems it would be nice if psql could accept a switch along the lines of
--password-is-in-file filename
and go off to read the password from the named file (which we hope is
secured correctly).
Or take it a little further: what about defining a PGPASSWORDFILE
environment variable that libpq would consult, before or instead of
PGPASSWORD? That would give us the same feature for free across all
libpq-using apps, not only psql. Exposing a file name in the
environment is not a security risk, I hope.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2001-11-28 20:00:07 | Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens |
Previous Message | Vince Vielhaber | 2001-11-28 19:46:02 | Re: Sequence docs |