Re: BUG #1567: can't hide password with pg_autovacuum

From Olivier Thauvin
Subject Re: BUG #1567: can't hide password with pg_autovacuum
Date
Msg-id 200503290454.52577.olivier.thauvin@aerov.jussieu.fr
In reply to Re: BUG #1567: can't hide password with pg_autovacuum  (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses Re: BUG #1567: can't hide password with pg_autovacuum  (Bruno Wolff III <bruno@wolff.to>)
List pgsql-bugs
On Tuesday 29 March 2005 00:40, you wrote:
> The typical way to do this is to use .pgpass in the user's home
> directory.  Does that help?

Yes, it helps, but:
- please note the issue about ps in the README
- the .pgpass doesn't work on my configuration:

[postgres@virgo pgsql]$ pg_autovacuum
[2005-03-29 04:47:32 CEST] ERROR:   Failed connection to database template1
with error: fe_sendauth: no password supplied
.
[2005-03-29 04:47:32 CEST] ERROR:   Failed connection to database template1
with error: fe_sendauth: no password supplied
.
[2005-03-29 04:47:32 CEST] ERROR:   Cannot connect to template1, exiting.

When permissions are bad on .pgpass (other than 600), it complains, but fails
to connect to my server. Note that I have set access to 'password' for all
connections in my pg_hba.conf. psql... works fine and the password in .pgpass
is ok.

Maybe I will work around this by setting postgres user access to 'trust' for
local connections only, but I have to reread the doc first :).

>
> ---------------------------------------------------------------------------
>
> Olivier Thauvin wrote:
> > The following bug has been logged online:
> >
> > Bug reference:      1567
> > Logged by:          Olivier Thauvin
> > Email address:      nanardon@nanardon.homelinux.org
> > PostgreSQL version: 8.0.1
> > Operating system:   Linux (Mandrake cooker)
> > Description:        can't hide password with pg_autovacuum
> > Details:
> >
> > I found a security issue with pg_autovacuum :(
> > After looking at the README and --help, it seems there is no way to start it
> > with a configuration file.
> >
> > This is not a problem except when the database is password protected, so
> > you have to use the -P option to get it started (no prompt, unless I missed
> > something).
> >
> > The potential issue comes from ps: the password is shown in clear:
> >
> > nanardon 28664  0.4  0.0  3644 1384 ?        Ss   04:05   0:00
> > pg_autovacuum -D -s rpm2sql -PXXXXXX
> >
> > XXXXXX is my password in clear (hidden here of course).
> > As you can see, there is enough information here for someone having an
> > account on the host to connect to the DB with admin privileges on the DB (not
> > as postgres user of course, but only the owner of the db can vacuum).
> >
> > Solution:
> > - change the command line after start like some ftp clients do
> > - having the possibility to read the password from a file
> > - taking the password from an environment variable (AUTOVACUUM_PASS=pass
> > pg_autovacuum...)
> >
> > If I have any time, I will try to provide a patch, but my knowledge of C
> > is too poor to ensure quality :(
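
Two items from the "Solution" list in the quoted report (read the password from a file, and change the command line after start), written out in C as an added example; this is not pg_autovacuum code and does not come from either poster. The function names and the separated "-P <pw>" form are assumptions; the permission test follows the 600 rule the message mentions for .pgpass.

```c
/* Added example, not pg_autovacuum source. Function names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Read the first line of a password file into out. The file is refused when
 * group or others have any access, the same 600 rule applied to .pgpass.
 * Returns 0 on success, -1 on failure. */
int read_password_file(const char *path, char *out, size_t outlen)
{
    struct stat st;
    ssize_t n = -1;
    int fd;

    if (outlen < 2 || (fd = open(path, O_RDONLY)) < 0)
        return -1;
    /* fstat the open descriptor so the check and the read hit the same file */
    if (fstat(fd, &st) == 0 && S_ISREG(st.st_mode) &&
        (st.st_mode & (S_IRWXG | S_IRWXO)) == 0)
        n = read(fd, out, outlen - 1);
    close(fd);
    if (n <= 0)
        return -1;
    out[n] = '\0';
    out[strcspn(out, "\r\n")] = '\0';   /* keep the first line only */
    return 0;
}

/* Blank the value of -P<pw> or "-P <pw>" in place once it has been copied.
 * ps can still catch it before this runs, so this only narrows the window.
 * Returns the number of values blanked. */
int scrub_password_args(int argc, char **argv)
{
    int scrubbed = 0;
    for (int i = 1; i < argc; i++) {
        if (strncmp(argv[i], "-P", 2) != 0)
            continue;
        char *secret = argv[i][2] ? argv[i] + 2 : (i + 1 < argc ? argv[++i] : NULL);
        if (secret != NULL) {
            memset(secret, 'x', strlen(secret));
            scrubbed++;
        }
    }
    return scrubbed;
}
```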
