Re: pgsql: Adjust user-facing documentation to explain why we don't check
From | Dave Page |
---|---|
Subject | Re: pgsql: Adjust user-facing documentation to explain why we don't check |
Date | |
Msg-id | 45DB4AA8.3050507@postgresql.org |
In reply to | Re: pgsql: Adjust user-facing documentation to explain why we don't check (Magnus Hagander <magnus@hagander.net>) |
Responses | Re: pgsql: Adjust user-facing documentation to explain why we don't check; Re: pgsql: Adjust user-facing documentation to explain why we don't check |
List | pgsql-committers |
Magnus Hagander wrote:
>>> PGPASSFILE takes a full path name, so you can put the file anywhere you
>>> want. Just like on Unix.
>> OK, so we _do_ need to check the permissions on pgpass on Win32, but we
>> just don't know how to do that?
>>
>
> If we _need_ to check, I don't know. If you've set PGPASSFILE to
> something, then you've made a decision to change from the default, and
> it could be argued that we don't have to check for that. It can of
> course equally well be argued that we should, yes.

Not necessarily - wasn't that one of the suggestions given to Tony during our recent disagreement on pgpass files? Users may not realise their app is setting PGPASSFILE.

> Which would bring us to the "how". If there was an easy way to do the
> how, we should probably do it. However, I'm very concerned that we will
> break a whole lot more than we fix because the permissions system is
> much more complex.

I think the only thing you could do would be to specify that the user and only the user have full control over the file. *Any* other ACL entries, deny or allow, are not allowed. Access via a group is not allowed.

Now the next problem is how this should be set on Home Editions which do their best to hide ACLs from the user. I suppose we could just document the correct cacls command line to get exactly the acl we want.

Regards, Dave.
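
The rule proposed in the message above (the owner, and only the owner, has full control; any other ACL entry, allow or deny, is rejected), as an added example that is not part of the original message or of PostgreSQL's code. It evaluates a file's security descriptor in SDDL string form; the function names and sample descriptors are constructed for illustration, and it assumes owner and trustees are written as full SID strings rather than aliases.

```python
import re

FULL_CONTROL = {"fa", "0x1f01ff"}  # FILE_ALL_ACCESS as SDDL alias or hex mask


def parse_sddl(sddl):
    """Return (owner, aces); aces is None when the string carries no DACL."""
    owner = re.search(r"O:(.+?)(?=G:|D:|S:|$)", sddl)
    dacl = re.search(r"D:[A-Z_]*((?:\([^()]*\))*)", sddl)
    aces = re.findall(r"\(([^()]*)\)", dacl.group(1)) if dacl else None
    return (owner.group(1) if owner else None), aces


def pgpass_acl_problems(sddl):
    """List every way the descriptor deviates from 'owner-only full control'."""
    owner, aces = parse_sddl(sddl)
    if owner is None or aces is None:
        return ["descriptor has no owner or no DACL to evaluate"]
    problems, owner_full = [], 0
    for ace in aces:
        # ACE layout: type;flags;rights;object_guid;inherit_object_guid;trustee
        fields = ace.split(";")
        if len(fields) != 6:
            problems.append(f"unsupported ACE form: ({ace})")
            continue
        ace_type, _flags, rights, _obj, _inherit, trustee = fields
        if ace_type != "A":
            problems.append(f"non-allow ACE (type {ace_type}) for {trustee}")
        elif trustee != owner:
            problems.append(f"access granted to non-owner trustee {trustee}")
        elif rights.lower() not in FULL_CONTROL:
            problems.append(f"owner ACE is not full control: {rights}")
        else:
            owner_full += 1
    if owner_full != 1:
        problems.append(f"expected one owner full-control ACE, found {owner_full}")
    return problems


# Constructed sample descriptors (not taken from a real system).
OWNER = "S-1-5-21-1111111111-2222222222-3333333333-1001"
GROUP = "S-1-5-21-1111111111-2222222222-3333333333-513"
GOOD = f"O:{OWNER}G:{GROUP}D:P(A;;FA;;;{OWNER})"
GROUP_READ = f"O:{OWNER}G:{GROUP}D:(A;;FA;;;{OWNER})(A;;FR;;;{GROUP})"
DENY_EXTRA = f"O:{OWNER}G:{GROUP}D:(D;;FA;;;S-1-1-0)(A;;FA;;;{OWNER})"

if __name__ == "__main__":
    for name, sd in [("good", GOOD), ("group", GROUP_READ), ("deny", DENY_EXTRA)]:
        print(name, pgpass_acl_problems(sd) or "OK")
```
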