Postgres Pro
Downloads
Home   >   mailing lists

Re: BUG #1567: can't hide password with pg_autovacuum - Mailing list pgsql-bugs

From Neil Conway
Subject Re: BUG #1567: can't hide password with pg_autovacuum
Date
Msg-id 424A33E4.5050405@samurai.com
Whole thread Raw
In response to Re: BUG #1567: can't hide password with pg_autovacuum  ("Matthew T. O'Connor" <matthew@zeut.net>)
Responses Re: BUG #1567: can't hide password with pg_autovacuum
List pgsql-bugs
Tree view 
Matthew T. O'Connor wrote:
> I believe that pg_autovacuum will work with a .pgpass file just like any
> libpq based application.

It should, yes. I've applied the attached patch to HEAD and
REL8_0_STABLE that makes the security warning about -P more broad, and
suggests using ~/.pgpass instead.

-Neil
Index: contrib/pg_autovacuum/README.pg_autovacuum
===================================================================
RCS file: /cvsroot/pgsql/contrib/pg_autovacuum/README.pg_autovacuum,v
retrieving revision 1.12
diff -c -r1.12 README.pg_autovacuum
*** contrib/pg_autovacuum/README.pg_autovacuum    24 Jan 2005 00:17:33 -0000    1.12
--- contrib/pg_autovacuum/README.pg_autovacuum    30 Mar 2005 05:03:55 -0000
***************
*** 36,44 ****

  pg_autovacuum requires that the statistics system be enabled and
  reporting row level stats.  The overhead of the stats system has been
! shown to have a significant cost under certain workloads.  For
! instance, a tight loop of queries performing "select 1" was found to
! run nearly 30% slower when stats were enabled.  However, in practice,
  with more realistic workloads, the stats system overhead is usually
  nominal.

--- 36,44 ----

  pg_autovacuum requires that the statistics system be enabled and
  reporting row level stats.  The overhead of the stats system has been
! shown to be significant under certain workloads.  For instance, a
! tight loop of queries performing "select 1" was found to run nearly
! 30% slower when row-level stats were enabled.  However, in practice,
  with more realistic workloads, the stats system overhead is usually
  nominal.

***************
*** 127,134 ****
  -U username: Username pg_autovacuum will use to connect with, if not
     specified the current username is used.
  -P password: Password pg_autovacuum will use to connect with. *WARNING*
!    When installed as a Windows Service, this option will be stored in plain
!    text in the registry.
  -H host: host name or IP to connect to.
  -p port: port used for connection.
  -h help: list of command line options.
--- 127,137 ----
  -U username: Username pg_autovacuum will use to connect with, if not
     specified the current username is used.
  -P password: Password pg_autovacuum will use to connect with. *WARNING*
!    This option is insecure. When installed as a Windows Service, this
!    option will be stored in plain text in the registry. When used with
!    most Unix variants, other users will be able to see the argument to
!    the "-P" option via ps(1). The ~/.pgpass file can be used to
!    specify a password more securely.
  -H host: host name or IP to connect to.
  -p port: port used for connection.
  -h help: list of command line options.

pgsql-bugs by date:

Previous
From: Tom Lane
Date:
Subject: Re: foreign key constraint not working when index tablespace is not default.
Next
From: Alvaro Herrera
Date:
Subject: Re: BUG #1567: can't hide password with pg_autovacuum