Re: [HACKERS] TODO list updated
Bruce Momjian <pgman@candle.pha.pa.us>
From: Bruce Momjian <pgman@candle.pha.pa.us>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Peter Eisentraut <peter_e@gmx.net>, The Hermit Hacker <scrappy@hub.org>, PostgreSQL-development <pgsql-hackers@postgreSQL.org>
Date: 2000-01-13T17:22:23Z
Lists: pgsql-hackers
> Bruce Momjian <pgman@candle.pha.pa.us> writes: > >> You can't securely do > >> echo $PASSWORD | backend > >> or > >> echo $PASSWORD > allegedly-secure-temp-file > > > This is secure. echo is a shell builtin, and does not invoke a separate > > process with arguments. > > echo is a builtin in ksh and derivatives, but I don't think it's safe > to assume it is a builtin everywhere... I believe it is safe. csh and sh have it built in. Does anyone know of a shell that does not have echo builtin? How do you tell? Not sure. -- Bruce Momjian | http://www.op.net/~candle maillist@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026