Home > mailing lists

Re: [GENERAL] pgpass file type restrictions - Mailing list pgsql-general

From	Tom Lane
Subject	Re: [GENERAL] pgpass file type restrictions
Date	October 19, 2017 20:20:04
Msg-id	30756.1508422804@sss.pgh.pa.us Whole thread Raw
In response to	Re: [GENERAL] pgpass file type restrictions ("Daniel Verite" <daniel@manitou-mail.org>)
Responses	Re: [GENERAL] pgpass file type restrictions
List	pgsql-general

Tree view

"Daniel Verite" <daniel@manitou-mail.org> writes:
>     Desidero wrote:
>> When attempting to use something like an anonymous pipe for a
>> passfile, psql throws an error stating that it only accepts plain files

> So the script doing that has access to the password(s) in clear text.
> Can't it instead push the password into the PGPASSWORD
> environment variable, avoiding creating .pgpass in any form?

On many platforms, it's possible for other users to see the environment
variables of a process.  So PGPASSWORD is really quite insecure.
        regards, tom lane


-- 
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

pgsql-general by date:

From: "Daniel Verite"
Date: 19 October 2017, 19:56:59
Subject: Re: [GENERAL] pgpass file type restrictions

From: américo bravo astroña
Date: 19 October 2017, 20:28:22
Subject: Re: [GENERAL] Problems with the time in data type timestamp withouttime zone

Re: [GENERAL] pgpass file type restrictions - Mailing list pgsql-general

Previous

Next