Home > mailing lists

Re: prevent connection using pgpass.conf - Mailing list pgsql-general

From	John R Pierce
Subject	Re: prevent connection using pgpass.conf
Date	April 1, 2010 09:32:13
Msg-id	4BB46808.4060404@hogranch.com Whole thread Raw
In response to	Re: prevent connection using pgpass.conf ("Christophe Dore" <c.dore@castsoftware.com>)
List	pgsql-general

Tree view

Christophe Dore wrote:
> Thanks for answering
>
> Yes, you are right. This is a client-side file. However, our concern is
> that we have to consider this practice as a security issue. We'd like to
> ban this practice for our product which is, thus, wrapping PostgresQL
> engine. Thus my questions
>
> - is there any configuration that can be done on server side to prevent
> the client side to use such file to read passwords ?
> - is there any options that can be set in postgres libpq C library to
> prevent the connection functions to search for password in files ?
>


where do you want the client apps to get the passwords from?  hard
coded? an application read .inf file?

pgsql-general by date:

From: Guillaume Lelarge
Date: 01 April 2010, 09:27:20
Subject: Re: prevent connection using pgpass.conf

From: Alban Hertroys
Date: 01 April 2010, 09:34:17
Subject: Re: Prevent users to drop triggers applied on table

Re: prevent connection using pgpass.conf - Mailing list pgsql-general

Previous

Next