"Daniel Verite" <daniel@manitou-mail.org> writes:
> Desidero wrote:
>> When attempting to use something like an anonymous pipe for a
>> passfile, psql throws an error stating that it only accepts plain files
> So the script doing that has access to the password(s) in clear text.
> Can't it instead push the password into the PGPASSWORD
> environment variable, avoiding creating .pgpass in any form?
On many platforms, it's possible for other users to see the environment
variables of a process. So PGPASSWORD is really quite insecure.
regards, tom lane
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general