Re: [HACKERS] TODO list updated

> After thinking about it a little more, I wonder if I was too optimistic
> to say that an initdb script could transfer the password securely.
> Consider: we can get the password with
> 
>     echo "Please enter password for postgres superuser: "
>     read PASSWORD
> 
> and now the password is in a shell variable of the shell running initdb,
> and hasn't been exposed anywhere else.  So far so good, but now what?
> You can't securely do
> 
>     echo $PASSWORD | backend
> 
> or
>     echo $PASSWORD > allegedly-secure-temp-file

This is secure.  echo is a shell builtin, and does not invoke a separate
process with arguments.

> (Actually, you'd want it to do a few more pushups: turn off tty
> echoing before prompting for password, read password twice and
> check it was entered the same both times, retry if not, etc.
> Another reason that a pure shell script isn't really up to the
> job is that AFAIR it can't easily turn off tty echoing.)

That is the part that is hard to do in a shell, except I think there are
stty settings for this.

I just did:stty -echoread PASS stty echoecho $PASS

and it worked perfectly:
#$ /bjm/x          <- typed test heretest               

--  Bruce Momjian                        |  http://www.op.net/~candle maillist@candle.pha.pa.us            |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026