Magnus Hagander <magnus@hagander.net> writes:
>>> If I'm not mistaken, it's possible to put your password in the .pgpass
>>> file in the postgres-users home folder, on the server where the postgres
>>> cluster is running.
> You need to put it in the .pgpass file of the postgres user - the one
> that runs the server. .pgpass is dealt with by libpq, and DBLink and
> DBI-Link both use libpq to connect to the remote server.
Didn't we recently add a security fix to prevent non-superusers from
relying on the server's .pgpass file?
I think 8.4 provides a reasonable solution to this via the SQL/MED
additions. In previous releases it's hard to find a nice place to
keep the password for a dblink connection.
regards, tom lane