Обсуждение: Reading psql password from stdin
We have recently realized that psql and pg_dump read passwords from stdin, rather than from the more traditional /dev/tty. I would like to change the default to /dev/tty and read from stdin only when /dev/tty can't be opened. Is this good or bad? I need votes. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026
Good, good, very good! being one of the people who steadfastly avoids PGUSER and PGPASSWORD for security reasons, it would be nice t be able to do $ psql db user < file As the docs say you can. Would this change also allow the use of: $ pg_dump > dumpfile Which doesn't work when prompting for password, but that can be a stdout issue. I would enumerate these issues as the top annoyances with the postgres client apps. Although I would place them very low compared to being able to alter/remove columns. Keary Suska Esoteritech, Inc. "Leveraging Open Source for a better Internet" > From: Bruce Momjian <pgman@candle.pha.pa.us> > Date: Sun, 14 Oct 2001 19:07:25 -0400 (EDT) > To: PostgreSQL-general <pgsql-general@postgresql.org> > Subject: [GENERAL] Reading psql password from stdin > > We have recently realized that psql and pg_dump read passwords from > stdin, rather than from the more traditional /dev/tty. I would like to > change the default to /dev/tty and read from stdin only when /dev/tty > can't be opened. > > Is this good or bad? I need votes. > > -- > Bruce Momjian | http://candle.pha.pa.us > pgman@candle.pha.pa.us | (610) 853-3000 > + If your life is a hard drive, | 830 Blythe Avenue > + Christ can be your backup. | Drexel Hill, Pennsylvania 19026 > > ---------------------------(end of broadcast)--------------------------- > TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org >
pg_dump does wait for passwords - version 7.1.x. But the password prompts end up in the dumpfile. That is to say, the Username: and/or Password: prompts end up in the dumpfile and are not displayed on the screen. Cheerio, Link. At 06:19 PM 14-10-2001 -0600, Keary Suska wrote: >Good, good, very good! being one of the people who steadfastly avoids PGUSER >and PGPASSWORD for security reasons, it would be nice t be able to do > $ psql db user < file >As the docs say you can. Would this change also allow the use of: > $ pg_dump > dumpfile >Which doesn't work when prompting for password, but that can be a stdout >issue. > >I would enumerate these issues as the top annoyances with the postgres >client apps. Although I would place them very low compared to being able to >alter/remove columns. > >Keary Suska >Esoteritech, Inc. >"Leveraging Open Source for a better Internet"
Correction: The password promps only end up in the dumpfile for version 6.5. pg_dump does wait and prompt for passwords if you use -u for version 7.1.x. Cheerio, Link. At 06:19 PM 14-10-2001 -0600, Keary Suska wrote: >Good, good, very good! being one of the people who steadfastly avoids PGUSER >and PGPASSWORD for security reasons, it would be nice t be able to do > $ psql db user < file >As the docs say you can. Would this change also allow the use of: > $ pg_dump > dumpfile >Which doesn't work when prompting for password, but that can be a stdout >issue. > >I would enumerate these issues as the top annoyances with the postgres >client apps. Although I would place them very low compared to being able to >alter/remove columns. > >Keary Suska >Esoteritech, Inc. >"Leveraging Open Source for a better Internet"
The proposed patch would fix this. Password prompts would go to the terminal. Right now they got to stderr. Does your stderr go to the dump file? > pg_dump does wait for passwords - version 7.1.x. > > But the password prompts end up in the dumpfile. > > That is to say, the Username: and/or Password: prompts end up in the > dumpfile and are not displayed on the screen. > > Cheerio, > Link. > > At 06:19 PM 14-10-2001 -0600, Keary Suska wrote: > >Good, good, very good! being one of the people who steadfastly avoids PGUSER > >and PGPASSWORD for security reasons, it would be nice t be able to do > > $ psql db user < file > >As the docs say you can. Would this change also allow the use of: > > $ pg_dump > dumpfile > >Which doesn't work when prompting for password, but that can be a stdout > >issue. > > > >I would enumerate these issues as the top annoyances with the postgres > >client apps. Although I would place them very low compared to being able to > >alter/remove columns. > > > >Keary Suska > >Esoteritech, Inc. > >"Leveraging Open Source for a better Internet" > > > > ---------------------------(end of broadcast)--------------------------- > TIP 4: Don't 'kill -9' the postmaster > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026
Oops, sorry, I see my question was answered. --------------------------------------------------------------------------- > Correction: > The password promps only end up in the dumpfile for version 6.5. > > pg_dump does wait and prompt for passwords if you use -u for version 7.1.x. > > Cheerio, > Link. > > At 06:19 PM 14-10-2001 -0600, Keary Suska wrote: > >Good, good, very good! being one of the people who steadfastly avoids PGUSER > >and PGPASSWORD for security reasons, it would be nice t be able to do > > $ psql db user < file > >As the docs say you can. Would this change also allow the use of: > > $ pg_dump > dumpfile > >Which doesn't work when prompting for password, but that can be a stdout > >issue. > > > >I would enumerate these issues as the top annoyances with the postgres > >client apps. Although I would place them very low compared to being able to > >alter/remove columns. > > > >Keary Suska > >Esoteritech, Inc. > >"Leveraging Open Source for a better Internet" > > > > ---------------------------(end of broadcast)--------------------------- > TIP 6: Have you searched our list archives? > > http://archives.postgresql.org > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026