Home > mailing lists

Re: [HACKERS] TODO list updated - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: [HACKERS] TODO list updated
Date	January 13, 2000 09:16:57
Msg-id	Pine.GSO.4.02A.10001131213500.6438-100000@Pingvin.DoCS.UU.SE Whole thread Raw
In response to	Re: [HACKERS] TODO list updated (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [HACKERS] TODO list updated Re: [HACKERS] TODO list updated
List	pgsql-hackers

Tree view

On Wed, 12 Jan 2000, Tom Lane wrote:

> Note that if initdb is a shell script, then it still has to be very
> careful what it does with the password; put it in any command line
> for a program invoked by the script, and the leak is back with you.
> A C-program version of initdb would be a lot safer.  But in theory you
> can pass the password to the backend without exposing it in any command
> line (put it in a data file instead, say).

What is does is some sort of sed s/genericpassword/realpassword/ so I
guess this is not completely safe either. But something like this you'd
have to do. Can I count you in on beating Bruce into submission for an
initdb in C? ;)

-- 
Peter Eisentraut                  Sernanders vaeg 10:115
peter_e@gmx.net                   75262 Uppsala
http://yi.org/peter-e/            Sweden

pgsql-hackers by date:

From: Peter Eisentraut
Date: 13 January 2000, 09:12:52
Subject: Re: [HACKERS] TODO list updated

From: Peter Eisentraut
Date: 13 January 2000, 09:21:52
Subject: Re: [HACKERS] TODO list updated

Re: [HACKERS] TODO list updated - Mailing list pgsql-hackers

Previous

Next