On Thu, 13 Jan 2000, Peter Eisentraut wrote:
> On Thu, 13 Jan 2000, Bruce Momjian wrote:
>
> > > What is does is some sort of sed s/genericpassword/realpassword/ so I
> > > guess this is not completely safe either. But something like this you'd
> > > have to do. Can I count you in on beating Bruce into submission for an
> > > initdb in C? ;)
> >
> > I will be responsible to make sure the password doesn't get into a
> > command as an argument. sed has a -f command that will take it's regex
> > input from a file. That is the solution, though the umask has to be set
> > to make sure the temp file is not readable by anyone else.
>
> That's one more file to find and to erase! Sounds very ugly to me. Better
> leave off this option altogether and user alter user. Can end users
> comment on this at all?
>
> > Most OS vendors use shell scripts for this type of thing because it
> > doesn't have to be fast, and it is changed often.
>
> So we can do it better! Also besides actual code changes (as recently),
> initdb itself hardly ever changes. When I get some time I'll develop a
> prototype to convince you. :)
I could be wrong here, but I don't think anyone *really* cares whether its
in script or C...just nobody wants to do the coding... :)
I personally think there have been enough solutions to the problem
provided that a C version isn't required, but if someone wants to go
through the trouble of doing it (when suitable solutions are present to
not require it), who am I to argue?
Marc G. Fournier ICQ#7615664 IRC Nick: Scrappy
Systems Administrator @ hub.org
primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org