Andrew Sullivan <andrew@libertyrms.info> writes:
> On Thu, Jan 23, 2003 at 11:41:05PM +0100, Enrico Comini wrote:
>> I have a password on the database, so when the file is executed it prompt
>> for the password.
> You could try setting the PGPASSWORD environment variable in your
> script. I believe someone told me it was getting set to go away,
> though, so it may not help. If your OS supports it, ident over UNIX
> domain sockets is more secure.
PGPASSWORD is insecure on platforms where others can see your
environment variables (which is quite a few Unixen, but not all).
I am not sure we will remove it, but as of 7.3 it's definitely
deprecated. You can put passwords in ~/.pgpass instead.
ident for Unix sockets is a nice alternative if you can use it, too.
regards, tom lane
