On Tue, Dec 11, 2007 at 08:58:05AM -0500, Andrew Dunstan wrote:
> >I'm actually inclined to vote with Stephen that this is a silly change.
> >I just put up the patch to show the best way of doing it if we're gonna
> >do it ...
>
> OK. I'm not going to die in a ditch over it.
On the other hand, wa
Tom Lane wrote:
It's also worth noting that we haven't removed the PGPASSWORD
environment variable, even though that's demonstrably insecure on some
platforms.
True. But at least its use is deprecated. The reason I put in PGPASSFILE
was to tempt (so far unsuccessfully) the maintainers of
Magnus Hagander wrote:
> On Mon, Dec 10, 2007 at 10:47:19PM -0500, Tom Lane wrote:
> If we want to prevent it for psql, we should actually prevent it *in* psql,
> not in libpq. There are an infinite number of scenarios where it's
> perfectly safe to put the password there... If we want to do it sh
On Mon, Dec 10, 2007 at 10:47:19PM -0500, Tom Lane wrote:
> Andrew Dunstan <[EMAIL PROTECTED]> writes:
> > Stephen Frost wrote:
> >> I'm going to have to vote 'silly' on this one.
>
> > It's a matter of being consistent. If we think such a facility shouldn't
> > be provided on security grounds, t
Andrew Dunstan <[EMAIL PROTECTED]> writes:
> Stephen Frost wrote:
>> I'm going to have to vote 'silly' on this one.
> It's a matter of being consistent. If we think such a facility shouldn't
> be provided on security grounds, then we shouldn't allow it via a
> backdoor, ISTM.
Well, the problem
Stephen Frost wrote:
* Tom Lane ([EMAIL PROTECTED]) wrote:
Anybody think this is good, bad, or silly? Does the issue need
explicit documentation, and if so where and how?
I'm going to have to vote 'silly' on this one. While I agree that in
general we should discourage, and not prov
Tom Lane wrote:
"Joshua D. Drake" <[EMAIL PROTECTED]> writes:
Tom Lane wrote:
As of PG 8.3, libpq allows a conninfo string to be passed in via the
dbName parameter of PQsetdbLogin.
I didn't even know we could do that. I always use the shell variable
option instead. Does anyone actually use t
* Tom Lane ([EMAIL PROTECTED]) wrote:
> Anybody think this is good, bad, or silly? Does the issue need
> explicit documentation, and if so where and how?
I'm going to have to vote 'silly' on this one. While I agree that in
general we should discourage, and not provide explicit command-line
optio
"Joshua D. Drake" <[EMAIL PROTECTED]> writes:
> Tom Lane wrote:
>> As of PG 8.3, libpq allows a conninfo string to be passed in via the
>> dbName parameter of PQsetdbLogin.
> I didn't even know we could do that. I always use the shell variable
> option instead. Does anyone actually use the facili
Tom Lane wrote:
As of PG 8.3, libpq allows a conninfo string to be passed in via the
dbName parameter of PQsetdbLogin. This is to allow access to conninfo
facilities in old programs that are still using PQsetdbLogin (including
most of our own standard clients ... ahem). For instance
ps
10 matches
Mail list logo