Home > mailing lists

Re: PGPASSWORD and client tools - Mailing list pgsql-hackers

From	Christopher Kings-Lynne
Subject	Re: PGPASSWORD and client tools
Date	August 19, 2004 02:01:07
Msg-id	41240A8D.2040200@familyhealth.com.au Whole thread Raw
In response to	Re: PGPASSWORD and client tools (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: PGPASSWORD and client tools
List	pgsql-hackers

Tree view

> It's deprecated because it's insecure, on platforms where other users can
> see the environment variables passed to pg_dump (which apparently is
> quite a few variants of Unix).  You wouldn't pass the password on the
> command line either ...
> 
> Painful as .pgpass may be for an admin tool, I do not know of any other
> method I'd recommend on a multiuser machine.

OK, but say you have a phpPgAdmin installation that's servicing 20 
users.  Then you have to put a .pgpass file in the www home dir (if 
there is one) with the usernames and passwords of all those users - 
pretty damn annoying...

Chris

pgsql-hackers by date:

From: Bruce Momjian
Date: 19 August 2004, 01:54:22
Subject: Re: pg_dump 'die_on_errors'

From: Tom Lane
Date: 19 August 2004, 02:02:49
Subject: More fun with dropped columns

Re: PGPASSWORD and client tools - Mailing list pgsql-hackers

Previous

Next