Re: [HACKERS] TODO list updated

On Wed, 12 Jan 2000, Tom Lane wrote:

> Note that if initdb is a shell script, then it still has to be very
> careful what it does with the password; put it in any command line
> for a program invoked by the script, and the leak is back with you.
> A C-program version of initdb would be a lot safer.  But in theory you
> can pass the password to the backend without exposing it in any command
> line (put it in a data file instead, say).

What is does is some sort of sed s/genericpassword/realpassword/ so I
guess this is not completely safe either. But something like this you'd
have to do. Can I count you in on beating Bruce into submission for an
initdb in C? ;)


-- 
Peter Eisentraut                  Sernanders vaeg 10:115
peter_e@gmx.net                   75262 Uppsala
http://yi.org/peter-e/            Sweden