> Hi Magnus,
>
> I did not use PGPASSWORD because the documentation says it is
> not secure.
Well, it says "some operating systems allow non-root users to see
process environment variables via ps". This is very much not the case on
Windows, so I don't beleive there is any problem with it on windows.
> I'll give it a try on Windows. Just curious, why
> is stdin/ stdout insecure if that is what is used for normal
> interactive operation?
It's not used for normal interactive operation. The password is
retreived directly from CON: (just like it does on Unix)
> Could you point me to the file that changed in 8.1.4?
It's src/port/sprompt.c.
//Magnus