Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens
Date
Msg-id 200111281913.fASJDiB27686@candle.pha.pa.us
Whole thread Raw
In response to Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up
List pgsql-hackers
> Lincoln Yeoh <lyeoh@pop.jaring.my> writes:
> > At 01:08 AM 11/28/01 -0500, Tom Lane wrote:
> >> ...  Password auth sucks from a convenience point of view
> >> (or even from a possibility point of view, for scripts; don't forget
> >> the changes that you yourself recently applied to guarantee that a
> >> script *cannot* supply a password to psql).
> 
> > Ack. We can't send in passwords to psql anymore? :(
> 
> Well, Bruce, you were the one that was hot to make that /dev/tty change.
> Time to defend it.

OK, I remember now. The issue was how to handle:cat file | psql test

In previous releases, you _had_ to have the password as the first line
in file.  In the current code, if you are running from a terminal, you
supply the password from the keyboard.  If you are running from a batch
job that has no terminal (/dev/tty), you must have the password as the
first line in the file.

People were complaining about the old behavior.

I modeled the changes after the BSD getpass(), which I assume is the
standard behavior on most unixes.

It would be nice to extend .psqlrc to allow storage of passwords, but
that is only read by psql and not by all libpq applications.  Not sure
how to handle this.

I will document the security problem with PGPASSWORD and add a TODO item
to remove it in 7.3.  Is that OK with everyone?

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026
 


pgsql-hackers by date:

Previous
From: Bruce Momjian
Date:
Subject: Re: Call for platform testing
Next
From: Tom Lane
Date:
Subject: Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up