| From: | Ian FREISLICH <if(at)hetzner(dot)co(dot)za> |
|---|---|
| To: | pgsql-patches(at)postgresql(dot)org |
| Subject: | [PATCH] pg_autovacuum commandline password hiding. |
| Date: | 2005-05-24 07:02:58 |
| Message-ID: | E1DaTRK-000H7r-2P@hetzner.co.za |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Hi
I'm not sure if you've done this for a later version of pg_autovacuum.
I'm using what came with postgres-7.4.6. For database security on
a shared server (~800 logins) it's best to set the superuser password
and not allow passwordless connections. The only thing is that
pg_autovacuum keeps the password supplied on the commandline so
anyone that does a 'ps' can get the database superuser password.
--- pg_autovacuum.c.orig Mon Apr 18 08:08:27 2005
+++ pg_autovacuum.c Mon Apr 18 07:57:59 2005
@@ -879,7 +879,8 @@
args->user = optarg;
break;
case 'P':
- args->password = optarg;
+ args->password = strdup(optarg);
+ for (c = 0; optarg[c]; optarg[c++] = 'x');
break;
case 'H':
args->host = optarg;
I hope that this is a worthwhile patch.
Ian
--
Ian Freislich
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Neil Conway | 2005-05-24 07:19:00 | Re: [PATCH] pg_autovacuum commandline password hiding. |
| Previous Message | Achilleus Mantzios | 2005-05-24 06:21:18 | Re: ARRAY() returning NULL instead of ARRAY[] resp. {} |