Re: Suggestion : support for environment variable in initdb to set the superuser password
From | Peter Eisentraut |
---|---|
Subject | Re: Suggestion : support for environment variable in initdb to set the superuser password |
Date | |
Msg-id | e4de310d-ac45-4a51-9411-359c4f312cac@eisentraut.org |
In response to | Suggestion : support for environment variable in initdb to set the superuser password (Reda Agaoua <reda.agaoua@gmail.com>) |
Responses | Re: Suggestion : support for environment variable in initdb to set the superuser password |
List | pgsql-hackers |

On 27.05.25 11:43, Reda Agaoua wrote:
> I do believe it can be useful in a variety of settings, but I'm not sure
> whether this is secure. Specifically, the documentation advises against
> using PGPASSWORD for connecting to postgres :
>
> "Use of this environment variable is not recommended for security
> reasons, as some operating systems allow non-root users to see process
> environment variables via ps; instead consider using a password file
> (see Section 32.16)." (32.15. Environment Variables)
>
> In my opinion, the context for using PGPASSWORD (i.e. connecting to an
> instance) is very different from that of initdb, where the password is
> only used once during cluster initialization. So I think the security
> concerns from section 32.16 may not necessarily apply here.

Well, insecure is insecure. "Insecure, but it's ok because it's not used very often" is not a valid excuse.