Re: [HACKERS] TODO list updated
Bruce Momjian <pgman@candle.pha.pa.us>
From: Bruce Momjian <pgman@candle.pha.pa.us>
To: The Hermit Hacker <scrappy@hub.org>
Cc: Peter Eisentraut <peter_e@gmx.net>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2000-01-13T01:12:54Z
Lists: pgsql-hackers
> On Wed, 12 Jan 2000, Bruce Momjian wrote: > > > OK, now we have to decide if we are going to require this be done as > > part of initdb. I am inclined to say the user _has_ to be _prompted_ in > > a secure matter for the password as part of initdb. Have a command-line > > switch for the password is not secure, IMHO, though it is better than > > nothing. > > If we do a 'CREATE USER <user> WITH PASSWORD <pass>', its no more secure > then using a command line switch for password ... Why is that? ps shows command args, righ? -- Bruce Momjian | http://www.op.net/~candle maillist@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026