Home > mailing lists

Re: Best way to "mask" password in DBLINK - Mailing list pgsql-general

From	Tom Lane
Subject	Re: Best way to "mask" password in DBLINK
Date	August 12, 2009 13:49:00
Msg-id	9892.1250084933@sss.pgh.pa.us Whole thread Raw
In response to	Re: Best way to "mask" password in DBLINK (Magnus Hagander <magnus@hagander.net>)
List	pgsql-general

Tree view

Magnus Hagander <magnus@hagander.net> writes:
>>> If I'm not mistaken, it's possible to put your password in the .pgpass
>>> file in the postgres-users home folder, on the server where the postgres
>>> cluster is running.

> You need to put it in the .pgpass file of the postgres user - the one
> that runs the server. .pgpass is dealt with by libpq, and DBLink and
> DBI-Link both use libpq to connect to the remote server.

Didn't we recently add a security fix to prevent non-superusers from
relying on the server's .pgpass file?

I think 8.4 provides a reasonable solution to this via the SQL/MED
additions.  In previous releases it's hard to find a nice place to
keep the password for a dblink connection.

            regards, tom lane

pgsql-general by date:

From: Bruno Baguette
Date: 12 August 2009, 12:50:49
Subject: Re: Adding ACL notion to existing tables

From: "Daniel Verite"
Date: 12 August 2009, 14:14:43
Subject: Re: comparing NEW and OLD (any good this way?)

Re: Best way to "mask" password in DBLINK - Mailing list pgsql-general

Previous

Next