Marko Kreen wrote:
On 9/21/08, Tom Lane <[EMAIL PROTECTED]> wrote:
Joe Conway <[EMAIL PROTECTED]> writes:
Good point -- I'll look into that and post something tomorrow. How does
> "requirepassword" sound for the option? It is consistent with
> "requiressl" but a bit long and hard to read. Maybe "require_password"?
Well, no, because it's not requiring a password.
Perhaps "ignore_pgpass"?
You need to ignore pg_service also. (And PGPASSWORD)
Why? pg_service does not appear to support wildcards, so what is the
attack vector?
And on PGPASSWORD, the fine manual says the following:
PGPASSWORD sets the password used if the server demands password
authentication. Use of this environment variable is not recommended
for security reasons (some operating systems allow non-root users to
see process environment variables via ps); instead consider using the
~/.pgpass file (see Section 30.13).
At the moment the only real issue I can see is .pgpass when wildcards
are used for hostname:port:database.
Joe
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
