On Mon, Jun 8, 2020 at 09:59:18PM -0400, Tom Lane wrote:
> I wrote:
> > Hmm ... I had thought that the docs explained -W in more or less the same
> > way I did above, but I see that (at least on the psql page) things are
> > indeed pretty vague. I'll see about improving that.
>
> Concretely, it looks like we need edits as attached for psql, and
> likewise for all our other programs with similar options.
>
> The thing that was really missing here IMO is the specification that a
> conninfo string overrides other command-line parameters. It's somewhat
> debatable whether a -W prompt is a "command line parameter", but it
> acts that way for this purpose. In any case, I'm disinclined to document
> that specific interaction, because it would amount to blessing a pretty
> damfool practice, which is to make your password visible on the program's
> command line. (I wonder whether section 33.1.2 ought to specifically
> caution against putting passwords into command-line conninfo strings.)
I used a later version of Tom's patch to add documentation of how
connection strings can override command-line options, plus it has the
password description improvements.
I would like to apply this to all supported versions.
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EnterpriseDB https://enterprisedb.com
The usefulness of a cup is in its emptiness, Bruce Lee