Re: about "pg_dump " without pompt password

From: David Garamond <lists(at)zara(dot)6(dot)isreserved(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Ying Lu <ying_lu(at)cs(dot)concordia(dot)ca>, pgsql-general(at)postgresql(dot)org
Subject: Re: about "pg_dump " without pompt password
Date: 2004-10-02 13:01:53
Message-ID: 415EA6C1.5010609@zara.6.isreserved.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Tom Lane wrote:
>>Is it possible that we setup the password in the pg_dump command line
>
> You might as well put it on a billboard --- anything in the command line
> can be seen by anyone who runs "ps".
>
> If you don't want to supply it manually, put it in ~/.pgpass.

At least in Linux, mysql replaces the password in the command line
argument with "xxxxxxxx" so you can't see them via "ps" nor via peeking
into /proc/<PID>/cmdline.

There is a short period where the password is visible though.

Are there any other risks? Or is the reason for not doing this is
because not all OS'es supports replacing the command line information?

--
dave

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Bernd Buldt 2004-10-02 14:11:44 newby question
Previous Message Sebastian Böck 2004-10-02 10:18:39 Re: Bug with updateable Views and inherited tables?