| From: | "Ow Mun Heng" <ow(dot)mun(dot)heng(at)wdc(dot)com> |
|---|---|
| To: | "Magnus Hagander" <magnus(at)hagander(dot)net> |
| Cc: | "Tommy Gildseth" <tommy(dot)gildseth(at)usit(dot)uio(dot)no>, <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Best way to "mask" password in DBLINK |
| Date: | 2009-08-12 08:01:16 |
| Message-ID: | D1109E8B2FB53A45BDB60F8145905CE9033B8385@wdmyexbe03.my.asia.wdc.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
-----Original Message-----
From: Magnus Hagander [mailto:magnus(at)hagander(dot)net]
On Wed, Aug 12, 2009 at 09:30, Ow Mun Heng<ow(dot)mun(dot)heng(at)wdc(dot)com> wrote:
>>
>> From: Tommy Gildseth [mailto:tommy(dot)gildseth(at)usit(dot)uio(dot)no]
>>
>> Ow Mun Heng wrote:
>>>> I'm starting to use DBLink / DBI-Link and one of the "bad" things is
>>>that
>>>> the password is out in the clear.
>>>> What can I do to prevent it from being such? How do I protect it from
>>>> 'innocent' users?
>>
>>>If I'm not mistaken, it's possible to put your password in the .pgpass
>>>file in the postgres-users home folder, on the server where the postgres
>>>cluster is running.
>>
>> Isn't that how one connects using the CLI? Eg: via psql?
>You need to put it in the .pgpass file of the postgres user - the one
>that runs the server. .pgpass is dealt with by libpq, and DBLink and
>DBI-Link both use libpq to connect to the remote server.
The View is owned by the user "operator" not postgres
Does it make a difference?
My understanding of your words are that it _does_ make a difference and If I
put it into the .pgpass of the postgres user then all is fine.
Thanks for confirmation
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2009-08-12 08:08:48 | Re: Best way to "mask" password in DBLINK |
| Previous Message | Richard Huxton | 2009-08-12 08:01:11 | Re: NOTICE: there is no transaction in progress |