Home > mailing lists

Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up - Mailing list pgsql-hackers

From	Doug McNaught
Subject	Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up
Date	November 28, 2001 15:04:02
Msg-id	m3vgfuq1wj.fsf@belphigor.mcnaught.org Whole thread Raw
In response to	Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens (Bruce Momjian <pgman@candle.pha.pa.us>)
List	pgsql-hackers

Tree view

Tom Lane <tgl@sss.pgh.pa.us> writes:

> Doug McNaught <doug@wireboard.com> writes:
> > But this way the password ends up in the environment, which on many
> > systems is visible to other processes/users (via /proc or the 'ps'
> > command).
> 
> Your *environment* is visible to other users?  Geez, what a broken
> system ...

True on Solaris (/usr/ucb/ps -eax) at least.  Other systems too I'm
pretty sure.  I thought that Linux let you do it but I just checked
and /proc/<pid>/environ is mode 0400...

-Doug
-- 
Let us cross over the river, and rest under the shade of the trees.  --T. J. Jackson, 1863

pgsql-hackers by date:

From: "Zeugswetter Andreas SB SD"
Date: 28 November 2001, 14:55:05
Subject: Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up

From: Jason Earl
Date: 28 November 2001, 15:04:05
Subject: Re: Week number

Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens up - Mailing list pgsql-hackers

Previous

Next