> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > We can hide it but it will be visible for a short period, and many
> > operating systems either don't allow us to modify the ps args or have
> > ways of circumventing custom ps display, i.e. it doesn't show updated ps
> > display if the process is swapped out because ps can't get to the
> > user-space definitions of the custom args.
>
> Yes, passwords in command-line arguments are *way* too dangerous.
>
> I had always thought that environment vars were secure, though, and was
> surprised to learn that there are Unix variants wherein they're not.
>
> I still like the idea of arguments and/or env vars that give the name
> of a file in which to look for the password, however. Perhaps the file
> contents could be along the lines of
>
> username host password
>
> and libpq would look for a line matching the PGUSER and PGHOST values it
> already has. (compare the usage of .netrc, .cvspass, etc). Maybe there
> could even be a default assumption that we look in "$HOME/.pgpass",
> without having to be told? Or is that too Unix-centric?
TODO updated:
* Add PGPASSWORDFILE environment variable or ~/.pgpass to store user/host/password combinations
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026