| From: | Neil Conway <neilc(at)samurai(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Dave Page <dpage(at)vale-housing(dot)co(dot)uk>, Ian FREISLICH <if(at)hetzner(dot)co(dot)za>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: [PATCH] pg_autovacuum commandline password hiding. |
| Date: | 2005-05-25 02:49:42 |
| Message-ID: | 4293E7C6.6070603@samurai.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Tom Lane wrote:
> The question at hand is whether we want to support an obvious security
> hole. The argument that "some people will not care" applies with at
> least as much force to psql or pg_dump, which at least have the grace
> to not hang around and advertise their command-line parameters forever.
> I think that using -P for pg_autovacuum is just plain stupid, even on a
> nominally secure single-user box.
Assuming that command-line parameters are actually globally visible on
your platform, which isn't necessarily the case.
Anyway, I basically agree that the legitimate use-case for this feature
is pretty small, and it is probably worth removing. However, I don't
think it is urgent (there are plenty of other ways to shoot yourself in
the foot), and shouldn't be backpatched -- people may be using this
functionality.
-Neil
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Neil Conway | 2005-05-25 02:50:09 | Re: fix a bogus line in dynahash.c |
| Previous Message | Tom Lane | 2005-05-25 02:44:13 | Re: [PATCH] pg_autovacuum commandline password hiding. |