Thread: PGPASSWORDFILE env var for libpq
Hello:

I attach a patch that adds the PGPASSWORDFILE ability to libpq, and removes the use of PGPASSWORD. It uses the format

hostname:port:dbname:user:password

where each item can be replaced by *. Identifiers that contain : or \ should be escaped with \.

Please double check the doc part of the patch, as I can't get the SGML documentation to compile here.

--
Alvaro Herrera (<alvherre[a]atentus.com>)
If you don't know where you are going, you will most likely end up somewhere else.
Attachment
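An added example, not code from the attached patch: a lookup over the hostname:port:dbname:user:password format described above, with `*` wildcards and `\` escaping. The names `passfile_lookup`, `match_field` and `SAMPLE` are hypothetical, and three behaviours are assumptions the post does not state: the first matching line wins, the password is unescaped the same way as the identifiers, and the caller has already read the file named by PGPASSWORDFILE into memory.

```c
#include <string.h>

/* Constructed sample file contents, not taken from the patch. */
static const char SAMPLE[] =
    "db\\:1:5432:sales:app:s3\\:cret\n"   /* host "db:1", password "s3:cret" */
    "*:*:*:backup:bk\\\\pw\n";            /* any host/port/db, password "bk\pw" */

/* Match one field against `want`. A field ends at an unescaped ':'; a field
 * that is exactly "*" matches anything. Returns a pointer past the ':' or NULL. */
static const char *match_field(const char *p, const char *want)
{
    if (p[0] == '*' && p[1] == ':')
        return p + 2;
    while (*p && *p != ':' && *p != '\n') {
        if (*p == '\\' && p[1] && p[1] != '\n')
            p++;                          /* escaped byte is taken literally */
        if (*p++ != *want++)
            return NULL;
    }
    return (*p == ':' && *want == '\0') ? p + 1 : NULL;
}

/* First matching line wins; returns 0 on no match or if the password does not fit. */
int passfile_lookup(const char *text, const char *host, const char *port,
                    const char *db, const char *user, char *out, size_t outsz)
{
    const char *want[4] = { host, port, db, user };
    for (const char *line = text; line && *line; ) {
        const char *eol = strchr(line, '\n'), *p = line;
        for (int i = 0; i < 4 && p; i++)
            p = match_field(p, want[i]);
        if (p) {                          /* p now points at the password field */
            size_t n = 0;
            for (; *p && *p != '\n' && n + 1 < outsz; out[n++] = *p++)
                if (*p == '\\' && p[1] && p[1] != '\n')
                    p++;
            out[n] = '\0';
            return *p == '\0' || *p == '\n';
        }
        line = eol ? eol + 1 : NULL;
    }
    return 0;
}

int main(void)
{
    char pw[64];
    return !passfile_lookup(SAMPLE, "db:1", "5432", "sales", "app", pw, sizeof pw);
}
```

A lookup for host `db` does not match the first sample line, because the escaped colon is part of the hostname `db:1` rather than a field separator.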
Alvaro Herrera <alvherre@atentus.com> writes:
> I attach a patch that adds the PGPASSWORDFILE ability to libpq, and
> removes the use of PGPASSWORD.

Were we actually going to *remove* that, as opposed to deprecate it?

There are systems (in fact many) where it's perfectly secure, so I'm not that thrilled about removing functionality ...

regards, tom lane
Tom Lane said:

> Alvaro Herrera <alvherre@atentus.com> writes:
> > I attach a patch that adds the PGPASSWORDFILE ability to libpq, and
> > removes the use of PGPASSWORD.
>
> Were we actually going to *remove* that, as opposed to deprecate it?

Well, the TODO says "remove".

> There are systems (in fact many) where it's perfectly secure, so I'm
> not that thrilled about removing functionality ...

It takes very little to add again. I'll submit a patch that corrects this one.

--
Alvaro Herrera (<alvherre[a]atentus.com>)
"Conflict is the royal road to union"
On Sun, 2002-08-11 at 15:45, Tom Lane wrote:
> Alvaro Herrera <alvherre@atentus.com> writes:
> > I attach a patch that adds the PGPASSWORDFILE ability to libpq, and
> > removes the use of PGPASSWORD.
>
> Were we actually going to *remove* that, as opposed to deprecate it?
>
> There are systems (in fact many) where it's perfectly secure, so I'm
> not that thrilled about removing functionality ...

PLEASE DO NOT REMOVE IT WITHOUT AT LEAST ONE RELEASE CYCLE WARNING.

You will ****BREAK**** People.

>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
> (send "unregister YourEmailAddressHere" to majordomo@postgresql.org)
>

--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 972-414-9812 E-Mail: ler@lerctr.org
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
Larry Rosenman said:

> On Sun, 2002-08-11 at 15:45, Tom Lane wrote:
> > Alvaro Herrera <alvherre@atentus.com> writes:
> > > I attach a patch that adds the PGPASSWORDFILE ability to libpq, and
> > > removes the use of PGPASSWORD.
> >
> > Were we actually going to *remove* that, as opposed to deprecate it?
> >
> > There are systems (in fact many) where it's perfectly secure, so I'm
> > not that thrilled about removing functionality ...
> PLEASE DO NOT REMOVE IT WITHOUT AT LEAST ONE RELEASE CYCLE WARNING.
>
> You will ****BREAK**** People.

Ok, advice taken. New patch attached. Preserves the ability to use PGPASSWORD, which in fact has preference over PGPASSWORDFILE.

--
Alvaro Herrera (<alvherre[a]atentus.com>)
www.google.com: command-line interface for the web.
Attachment
Larry Rosenman wrote:
> On Sun, 2002-08-11 at 15:45, Tom Lane wrote:
> > Alvaro Herrera <alvherre@atentus.com> writes:
> > > I attach a patch that adds the PGPASSWORDFILE ability to libpq, and
> > > removes the use of PGPASSWORD.
> >
> > Were we actually going to *remove* that, as opposed to deprecate it?
> >
> > There are systems (in fact many) where it's perfectly secure, so I'm
> > not that thrilled about removing functionality ...
> PLEASE DO NOT REMOVE IT WITHOUT AT LEAST ONE RELEASE CYCLE WARNING.
>
> You will ****BREAK**** People.

OK, we will keep it for one release. Good point.

Shame we couldn't do that with the 'reading password from /dev/tty' change we made in 7.2. I guess we could have had an environment variable control it, but that is kind of weird.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
On Mon, 2002-08-12 at 00:16, Bruce Momjian wrote:
> Larry Rosenman wrote:
> > On Sun, 2002-08-11 at 15:45, Tom Lane wrote:
> > > Alvaro Herrera <alvherre@atentus.com> writes:
> > > > I attach a patch that adds the PGPASSWORDFILE ability to libpq, and
> > > > removes the use of PGPASSWORD.
> > >
> > > Were we actually going to *remove* that, as opposed to deprecate it?
> > >
> > > There are systems (in fact many) where it's perfectly secure, so I'm
> > > not that thrilled about removing functionality ...
> > PLEASE DO NOT REMOVE IT WITHOUT AT LEAST ONE RELEASE CYCLE WARNING.
> >
> > You will ****BREAK**** People.
>
> OK, we will keep it for one release. Good point.
>
> Shame we couldn't do that with the 'reading password from /dev/tty'
> change we made in 7.2. I guess we could have had an environment
> variable control it, but that is kind of weird.

make sure the fact that PGPASSWORD is going away is ***PROMINENT*** in the release notes and README and anywhere PGPASSWORD is documented. If in fact, given TGL's objection, that it will go away in 7.4.

LER

--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 972-414-9812 E-Mail: ler@lerctr.org
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
Larry Rosenman wrote:
> > Shame we couldn't do that with the 'reading password from /dev/tty'
> > change we made in 7.2. I guess we could have had an environment
> > variable control it, but that is kind of weird.
> make sure the fact that PGPASSWORD is going away is ***PROMINENT*** in
> the release notes and README and anywhere PGPASSWORD is documented. If
> in fact, given TGL's objection, that it will go away in 7.4.

Did you find the documentation that LIMIT #,# was being removed in 7.3 to be prominent in 7.2?

The only way to do PGPASSWORD right would be to test OS's to see which ones have secure environment variables.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
On Mon, 2002-08-12 at 10:53, Bruce Momjian wrote:
> Larry Rosenman wrote:
> > > Shame we couldn't do that with the 'reading password from /dev/tty'
> > > change we made in 7.2. I guess we could have had an environment
> > > variable control it, but that is kind of weird.
> > make sure the fact that PGPASSWORD is going away is ***PROMINENT*** in
> > the release notes and README and anywhere PGPASSWORD is documented. If
> > in fact, given TGL's objection, that it will go away in 7.4.
>
> Did you find the documentation that LIMIT #,# was being removed in 7.3
> to be prominent in 7.2?

Sort of. I only see it in the history file.....

>
> The only way to do PGPASSWORD right would be to test OS's to see which
> ones have secure environment variables.

SYSV based systems seem to, although those with Linux Personalities grafted on may break that (e.g. OpenUNIX).

>
> --
>   Bruce Momjian                        |  http://candle.pha.pa.us
>   pgman@candle.pha.pa.us               |  (610) 359-1001
>   +  If your life is a hard drive,     |  13 Roberts Road
>   +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 972-414-9812 E-Mail: ler@lerctr.org
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
Your patch has been added to the PostgreSQL unapplied patches list at:

http://candle.pha.pa.us/cgi-bin/pgpatches

I will try to apply it within the next 48 hours.

---------------------------------------------------------------------------

Alvaro Herrera wrote:
> Larry Rosenman said:
>
> > On Sun, 2002-08-11 at 15:45, Tom Lane wrote:
> > > Alvaro Herrera <alvherre@atentus.com> writes:
> > > > I attach a patch that adds the PGPASSWORDFILE ability to libpq, and
> > > > removes the use of PGPASSWORD.
> > >
> > > Were we actually going to *remove* that, as opposed to deprecate it?
> > >
> > > There are systems (in fact many) where it's perfectly secure, so I'm
> > > not that thrilled about removing functionality ...
>
> > PLEASE DO NOT REMOVE IT WITHOUT AT LEAST ONE RELEASE CYCLE WARNING.
> >
> > You will ****BREAK**** People.
>
> Ok, advice taken. New patch attached. Preserves the ability to use
> PGPASSWORD, which in fact has preference over PGPASSWORDFILE.
>
> --
> Alvaro Herrera (<alvherre[a]atentus.com>)
> www.google.com: command-line interface for the web.

Content-Description:

[ Attachment, skipping... ]

>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
Patch applied. Thanks.

---------------------------------------------------------------------------

Alvaro Herrera wrote:
> Larry Rosenman said:
>
> > On Sun, 2002-08-11 at 15:45, Tom Lane wrote:
> > > Alvaro Herrera <alvherre@atentus.com> writes:
> > > > I attach a patch that adds the PGPASSWORDFILE ability to libpq, and
> > > > removes the use of PGPASSWORD.
> > >
> > > Were we actually going to *remove* that, as opposed to deprecate it?
> > >
> > > There are systems (in fact many) where it's perfectly secure, so I'm
> > > not that thrilled about removing functionality ...
>
> > PLEASE DO NOT REMOVE IT WITHOUT AT LEAST ONE RELEASE CYCLE WARNING.
> >
> > You will ****BREAK**** People.
>
> Ok, advice taken. New patch attached. Preserves the ability to use
> PGPASSWORD, which in fact has preference over PGPASSWORDFILE.
>
> --
> Alvaro Herrera (<alvherre[a]atentus.com>)
> www.google.com: command-line interface for the web.

Content-Description:

[ Attachment, skipping... ]

>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073