Re: I "might" have found a bug on 8.2.1 win32 - Mailing list pgsql-general

From Tony Caduto
Subject Re: I "might" have found a bug on 8.2.1 win32
Date
Msg-id 45C35586.3000709@amsoftwaredesign.com
Whole thread Raw
In response to Re: I "might" have found a bug on 8.2.1 win32  (Dave Page <dpage@postgresql.org>)
Responses Re: I "might" have found a bug on 8.2.1 win32
List pgsql-general
Dave Page wrote:
>
> pgAdmin doesn't force them to store any passwords at all. That's pure
> FUD.
>
You are correct on that fact Dave, however it does force them to store
the password in a pgpass file without their knowledge.
When you check that box "Store Password" it is not warning the user that
a pgpass file will be created and that it will affect all
applications that use libpq for that particular host.
So a user selects store password in pgAdmin III, then they need to use
psql for some reason and yipee skipee they get automagically authenticated
when they attempt to connect to that host.  I had know idea pgAdmin III
was using pgpass to store the password, I thought something was wrong
with my servers pg_hba.conf file or a it was a bug.

It just totally amazes me that you don't see the big picture problem
with pgAdmin III using pgpass.

The only other solution to this problem beside the pgAdmin III team
fixing the inappropriate use of pgpass is  to  make a change to libpq
by adding
a new connections string option to ignore the pgpass file.
At least that way the developer of the application would have the choice
to use pgpass or not.


Later,

--
Tony Caduto
AM Software Design
http://www.amsoftwaredesign.com
Home of PG Lightning Admin for Postgresql
Your best bet for Postgresql Administration


pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: Functions, composite types and Notice
Next
From: Tony Caduto
Date:
Subject: Re: I "might" have found a bug on 8.2.1 win32