Home > mailing lists

Re: [PATCH] pg_autovacuum commandline password hiding. - Mailing list pgsql-patches

From	Neil Conway
Subject	Re: [PATCH] pg_autovacuum commandline password hiding.
Date	May 24, 2005 07:19:16
Msg-id	4292D564.20009@samurai.com Whole thread Raw
In response to	[PATCH] pg_autovacuum commandline password hiding. (Ian FREISLICH <if@hetzner.co.za>)
Responses	Re: [PATCH] pg_autovacuum commandline password hiding.
List	pgsql-patches

Tree view

Ian FREISLICH wrote:
> I'm not sure if you've done this for a later version of pg_autovacuum.
> I'm using what came with postgres-7.4.6.  For database security on
> a shared server (~800 logins) it's best to set the superuser password
> and not allow passwordless connections.  The only thing is that
> pg_autovacuum keeps the password supplied on the commandline so
> anyone that does a 'ps' can get the database superuser password.

Is this portable? Considering the hoops that
backend/utils/misc/ps_status.c jumps through to do something similar for
the postmaster, I would guess not.

BTW, I would suggest using ~/.pgpass, as that should be secure on all
platforms.

-Neil

pgsql-patches by date:

From: Ian FREISLICH
Date: 24 May 2005, 07:03:08
Subject: [PATCH] pg_autovacuum commandline password hiding.

From: Neil Conway
Date: 24 May 2005, 08:06:31
Subject: Re: plperl tests for currently untested features

Re: [PATCH] pg_autovacuum commandline password hiding. - Mailing list pgsql-patches

Previous

Next