Home > mailing lists

Re: How to secure pgpass file from unauthorized reading of passwords ? (WIndows) - Mailing list pgsql-general

From	Martijn van Oosterhout
Subject	Re: How to secure pgpass file from unauthorized reading of passwords ? (WIndows)
Date	October 12, 2005 13:02:43
Msg-id	20051012130225.GC20074@svana.org Whole thread Raw
In response to	How to secure pgpass file from unauthorized reading of passwords ? (WIndows) (Zlatko Matić <zlatko.matic1@sb.t-com.hr>)
List	pgsql-general

Tree view

On Wed, Oct 12, 2005 at 11:34:58AM +0200, Zlatko Mati? wrote:
> Hello.
>
> It seems that for all automated tasks (backup, autovacuum etc.) passwords should be provided by pgpass file.
> But, anyone can read pgpass file....
>
> How can I make it secure that nobody can read it, except programs for backup and autovacuum ?

Err, normal filesystem permissions. Say mode 600 in UNIX.

If you're using UNIX you can allow ident auth via UNIX domain for the
backup user. That's very secure.
--
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.

Attachment

msg-32091-105321.dat

pgsql-general by date:

From: Zlatko Matić
Date: 12 October 2005, 12:46:43
Subject: How to secure pgpass file from unauthorized reading of passwords ? (WIndows)

From: Reinhard Max
Date: 12 October 2005, 13:12:43
Subject: Re: PostgreSQL missing in SuSE 10?

Re: How to secure pgpass file from unauthorized reading of passwords ? (WIndows) - Mailing list pgsql-general

Attachment

Previous

Next