On Wed, Oct 12, 2005 at 11:34:58AM +0200, Zlatko Mati? wrote:
> Hello.
>
> It seems that for all automated tasks (backup, autovacuum etc.) passwords should be provided by pgpass file.
> But, anyone can read pgpass file....
>
> How can I make it secure that nobody can read it, except programs for backup and autovacuum ?
Err, normal filesystem permissions. Say mode 600 in UNIX.
If you're using UNIX you can allow ident auth via UNIX domain for the
backup user. That's very secure.
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.