Magnus Hagander wrote: > On Mon, Dec 10, 2007 at 10:47:19PM -0500, Tom Lane wrote:
> If we want to prevent it for psql, we should actually prevent it *in* psql, > not in libpq. There are an infinite number of scenarios where it's > perfectly safe to put the password there... If we want to do it share, we > should add a function like PQSanitizeConnectionString() that will remove > it, that can be called from those client apps that may be exposing it. > > There are also platforms that don't show the full commandline to other > users - or even other processes - that aren't affected, of course. One idea is to have psql "hide" the password on the ps status. That way it becomes less of a security issue. It would still be a problem on certain operating systems, but at least several common platforms would be covered. -- Alvaro Herrera http://www.flickr.com/photos/alvherre/ Officer Krupke, what are we to do? Gee, officer Krupke, Krup you! (West Side Story, "Gee, Officer Krupke") ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend
