On Wed, 12 Jan 2000, Tom Lane wrote:
> Note that if initdb is a shell script, then it still has to be very
> careful what it does with the password; put it in any command line
> for a program invoked by the script, and the leak is back with you.
> A C-program version of initdb would be a lot safer. But in theory you
> can pass the password to the backend without exposing it in any command
> line (put it in a data file instead, say).
What is does is some sort of sed s/genericpassword/realpassword/ so I
guess this is not completely safe either. But something like this you'd
have to do. Can I count you in on beating Bruce into submission for an
initdb in C? ;)
--
Peter Eisentraut Sernanders vaeg 10:115
peter_e@gmx.net 75262 Uppsala
http://yi.org/peter-e/ Sweden