Re: Passwords and batch processes (was Re: Problem with Dump)

From Bruce Momjian
Subject Re: Passwords and batch processes (was Re: Problem with Dump)
Date
Msg-id 200208291815.g7TIFqC13365@candle.pha.pa.us
In response to Re: Passwords and batch processes (was Re: Problem with Dump)  (Ian Barwick <ian@barwick.de>)
List pgsql-admin
In 7.3, this is the docs for PGPASSWORD:

    PGPASSWORD sets the password used if the backend demands password
    authentication. This functionality is deprecated for security reasons;
    consider migrating to PGPASSWORDFILE.

It is more vague on the security issues, but it does recommend a new
feature PGPASSWORDFILE, which will allow the passwords to be kept in a
file:

    PGPASSWORDFILE sets the password file used if the backend demands
    password authentication. This file should have the format

      hostname:port:database:username:password

    Any of these may be a literal name, or a * that matches anything. The
    first match will be the one used, so put more specific entries first.
    Entries with : or \ should be escaped with \.

---------------------------------------------------------------------------

Ian Barwick wrote:
> On Friday 23 August 2002 17:47, David F. Skoll wrote:
> > On Fri, 23 Aug 2002, Ian Barwick wrote:
> > > AFAIK utilities such as pg_dump prompt for the password but
> > > won't accept it as a command line option, which makes password-based
> > > authentication almost unusable when calling these utilities from a
> > > script.
> >
> > This really should be Question #1 in the FAQ.
> >
> > You can set the environment variable PGPASSWORD to the password, and avoid
> > prompts.  This assumes the same username/password has access to all the
> > databases for pg_dumpall.
> >
> > I didn't find this documented anywhere.  It probably is, but somewhere
> > buried...
>
> here?:
> http://www.postgresql.org/idocs/index.php?libpq-envars.html
>
> The security-conscious might like to note:
>
> "PGPASSWORD sets the password used if the backend demands password
> authentication. This is not recommended because the password can be read by
> others using the ps command with special options on some platforms."
>
> (At least on FreeBSD ps can be made to show the calling user's, but no
> other users' environment variables).
>
> Should this be included in the FAQ (it doesn't seem to be) I would include
> the recommendation that the permissions of any file where PGPASSWORD is set
> should be checked carefully.
>
> Ian Barwick
> barwick@gmx.net

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
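
The file format and first-match rule quoted in the message above, as an added example that is not part of the original post and is not libpq's code. The function names and all sample hosts, users and passwords are constructed for illustration; the second sample shows how a catch-all entry placed first shadows a more specific one.

```python
# Added example, not libpq code: first-match lookup in a password file with
# the format quoted above: hostname:port:database:username:password
# All hosts, users and passwords below are constructed sample values.
SPECIFIC_FIRST = r"""db1.example.com:5432:sales:batch:s3cr\:et
*:5432:*:backup:back\\slash
*:*:*:*:fallback
"""
# Same entries with the catch-all moved to the top: it shadows the rest.
WILDCARD_FIRST = r"""*:*:*:*:fallback
db1.example.com:5432:sales:batch:s3cr\:et
"""

def split_fields(line):
    """Split on unescaped ':'; a backslash makes the next character literal."""
    fields, cur, i = [], [], 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):
            cur.append(line[i + 1])   # \: -> ':'   \\ -> '\'
            i += 2
        elif ch == ":":
            fields.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(ch)
            i += 1
    fields.append("".join(cur))
    return fields

def lookup(text, host, port, database, user):
    """Return the password of the first matching entry, or None."""
    wanted = (host, str(port), database, user)
    for line in text.splitlines():
        fields = split_fields(line)
        if len(fields) != 5:
            continue                  # blank or malformed line: ignore it
        if all(p == "*" or p == w for p, w in zip(fields, wanted)):
            return fields[4]
    return None

if __name__ == "__main__":
    print(lookup(SPECIFIC_FIRST, "db1.example.com", 5432, "sales", "batch"))
    print(lookup(WILDCARD_FIRST, "db1.example.com", 5432, "sales", "batch"))
```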
