Tom Lane wrote:
As of PG 8.3, libpq allows a conninfo string to be passed in via the
dbName parameter of PQsetdbLogin. This is to allow access to conninfo
facilities in old programs that are still using PQsetdbLogin (including
most of our own standard clients ... ahem). For instance
psql "service = foo"
Andrew Dunstan pointed out a possible security hole in this: it will
allow people to do
psql "dbname = mydb password = mypassword"
which would leave their password exposed on the program's command line.
While we cannot absolutely prevent client apps from doing stupid things,
it seems like it might be a good idea to prevent passwords from being
passed in through dbName. The attached patch (which depends on some
pretty-recent changes in CVS HEAD) accomplishes this.
Anybody think this is good, bad, or silly? Does the issue need
explicit documentation, and if so where and how?
I didn't even know we could do that. I always use the shell variable
option instead. Does anyone actually use the facility?
I think it should just throw a syntax error, this isn't covered as an
ability in the man page. I doubt anyone is honestly using this that
isn't smart enough to just figure out it isn't supported.
Joshua D. Drake
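As an added illustration of the check being discussed (this is editor-written example code, not Tom's patch and not libpq's own parser): a stand-alone C routine that walks a conninfo string using libpq's "keyword = value" syntax, including single-quoted values with backslash escapes, and reports whether a password keyword is present. A wrapper around PQsetdbLogin could apply it to the dbName argument before passing it through; the function name and error strings are assumptions for this example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <string.h>

/* Report a parse error through *err (if the caller wants one) and return false. */
static bool fail(const char **err, const char *msg)
{
    if (err) *err = msg;
    return false;
}

/* Scan a libpq-style conninfo string ("keyword = value ...", values optionally
 * single-quoted with \' and \\ escapes) and return true if a "password"
 * keyword is present.  Malformed input yields false with *err set.
 * Hypothetical helper written for this example; it is not part of libpq. */
bool conninfo_has_password(const char *s, const char **err)
{
    if (err) *err = NULL;
    while (*s) {
        while (isspace((unsigned char)*s)) s++;            /* skip separators */
        if (*s == '\0') break;
        const char *kstart = s;                            /* keyword */
        while (*s && *s != '=' && !isspace((unsigned char)*s)) s++;
        size_t klen = (size_t)(s - kstart);
        while (isspace((unsigned char)*s)) s++;
        if (*s != '=') return fail(err, "missing '=' after keyword");
        s++;
        while (isspace((unsigned char)*s)) s++;
        if (*s == '\'') {                                  /* quoted value */
            for (s++; *s != '\''; s++) {
                if (*s == '\0') return fail(err, "unterminated quoted value");
                if (*s == '\\' && *++s == '\0') return fail(err, "dangling backslash");
            }
            s++;                                           /* closing quote */
        } else {                                           /* bare value */
            for (; *s && !isspace((unsigned char)*s); s++)
                if (*s == '\\' && s[1] != '\0') s++;       /* escaped char */
        }
        if (klen == strlen("password") && strncmp(kstart, "password", klen) == 0)
            return true;                                   /* what the patch rejects */
    }
    return false;
}
```

The caller decides what to do on a true result; rejecting the string outright, as the patch does, keeps the password off the command line regardless of how the program was invoked.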