Re: ssl passphrase callback

On Thu, Nov 14, 2019 at 11:42:05AM +0100, Magnus Hagander wrote:
> On Wed, Nov 13, 2019 at 9:23 PM Tomas Vondra <tomas.vondra@2ndquadrant.com>
>     I think it would be beneficial to explain why shared object is more
>     secure than an OS command. Perhaps it's common knowledge, but it's not
>     quite obvious to me.
> 
> 
> Yeah, that probably wouldn't hurt. It's also securely passing from more than
> one perspective -- both from the "cannot be eavesdropped" (like putting the
> password on the commandline for example) and the requirement for escaping.

I think a bigger issue is that if you want to give people the option of
using a shell command or a shared object, and if you use two commands to
control it, it isn't clear what happens if both are defined.  By using
some character prefix to control if a shared object is used, you can use
a single variable and there is no confusion over having two variables
and their conflicting behavior.

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +