On Thu, 13 Jan 2000, Bruce Momjian wrote:
> > What is does is some sort of sed s/genericpassword/realpassword/ so I
> > guess this is not completely safe either. But something like this you'd
> > have to do. Can I count you in on beating Bruce into submission for an
> > initdb in C? ;)
>
> I will be responsible to make sure the password doesn't get into a
> command as an argument. sed has a -f command that will take it's regex
> input from a file. That is the solution, though the umask has to be set
> to make sure the temp file is not readable by anyone else.
That's one more file to find and to erase! Sounds very ugly to me. Better
leave off this option altogether and user alter user. Can end users
comment on this at all?
> Most OS vendors use shell scripts for this type of thing because it
> doesn't have to be fast, and it is changed often.
So we can do it better! Also besides actual code changes (as recently),
initdb itself hardly ever changes. When I get some time I'll develop a
prototype to convince you. :)
--
Peter Eisentraut Sernanders vaeg 10:115
peter_e@gmx.net 75262 Uppsala
http://yi.org/peter-e/ Sweden
