Re: PGPASSWORD and client tools

Christopher Kings-Lynne <chriskl@familyhealth.com.au> writes:
>> After some tests, I found that using the PGPASSWORD environment variable 
>> will do the job. I'm a bit irritated that it's marked "deprecated" in 
>> the docs, the .pgpass solution isn't a good one for tool managed passwords.

> I didn't notice it was deprecated either - it's the only way that 
> phpPgAdmin can integrate with pg_dump...

It's deprecated because it's insecure, on platforms where other users can
see the environment variables passed to pg_dump (which apparently is
quite a few variants of Unix).  You wouldn't pass the password on the
command line either ...

Painful as .pgpass may be for an admin tool, I do not know of any other
method I'd recommend on a multiuser machine.
        regards, tom lane