Re: [HACKERS] TODO list updated

Bruce Momjian <pgman@candle.pha.pa.us>

From: Bruce Momjian <pgman@candle.pha.pa.us>
To: The Hermit Hacker <scrappy@hub.org>
Cc: Peter Eisentraut <peter_e@gmx.net>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2000-01-13T01:12:54Z
Lists: pgsql-hackers
> On Wed, 12 Jan 2000, Bruce Momjian wrote:
> 
> > OK, now we have to decide if we are going to require this be done as
> > part of initdb.  I am inclined to say the user _has_ to be _prompted_ in
> > a secure matter for the password as part of initdb.  Have a command-line
> > switch for the password is not secure, IMHO, though it is better than
> > nothing.
> 
> If we do a 'CREATE USER <user> WITH PASSWORD <pass>', its no more secure
> then using a command line switch for password ... 

Why is that?  ps shows command args, righ?


-- 
  Bruce Momjian                        |  http://www.op.net/~candle
  maillist@candle.pha.pa.us            |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026