Re: FW: [ppa-dev] Severe bug in debian - phppgadmin opens

> Bruce Momjian <pgman@candle.pha.pa.us> writes:
> 
> > OK, new text is:
> > 
> >     <envar>PGPASSWORD</envar>
> >     sets the password used if the backend demands password
> >     authentication. This is not recommended because the password can
> >     be read by others using <command>ps -e</command>.
> 
> Just a nit--the 'e' option is for Berkeley-style ps (/usr/ucb/ps on
> Solaris).  SysV ps doesn't have an equivalent from what I can see,
> (though I may have missed it) and '-e' does something totally
> different. 

Yes, I debated that one.  I wanted to mention the environment issue
without being verbose.  I believe 'ps e', without the dash, does show
environment, doesn't it?

> 
> > I am unsure if Linux has this problem but it seems most other Unix's do.
> 
> Modern versions (of Linux) don't seem to--you can see the env for your
> processes but not for others'.

If Linux doesn't have this problem, I should mention it is a problem on
_some_ platforms.

New text is:
<envar>PGPASSWORD</envar>sets the password used if the backend demands passwordauthentication. This is not recommended
becausethe password canbe read by others using <command>ps e</command> on someplatforms.
 

I am glad to continue revising it until we are all happy.  I throw these
texts out so people can make comments and improve upon it.

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026