Re: [GENERAL] pgpass file type restrictions

"Daniel Verite" <daniel@manitou-mail.org> writes:
>     Desidero wrote:
>> When attempting to use something like an anonymous pipe for a
>> passfile, psql throws an error stating that it only accepts plain files

> So the script doing that has access to the password(s) in clear text.
> Can't it instead push the password into the PGPASSWORD
> environment variable, avoiding creating .pgpass in any form?

On many platforms, it's possible for other users to see the environment
variables of a process.  So PGPASSWORD is really quite insecure.
        regards, tom lane


-- 
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general