Re: [HACKERS] TODO list updated

Peter Eisentraut <e99re41@docs.uu.se>

From: Peter Eisentraut <e99re41@DoCS.UU.SE>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: The Hermit Hacker <scrappy@hub.org>, Bruce Momjian <pgman@candle.pha.pa.us>, PostgreSQL-development <pgsql-hackers@postgreSQL.org>
Date: 2000-01-13T11:16:09Z
Lists: pgsql-hackers
On Wed, 12 Jan 2000, Tom Lane wrote:

> Note that if initdb is a shell script, then it still has to be very
> careful what it does with the password; put it in any command line
> for a program invoked by the script, and the leak is back with you.
> A C-program version of initdb would be a lot safer.  But in theory you
> can pass the password to the backend without exposing it in any command
> line (put it in a data file instead, say).

What is does is some sort of sed s/genericpassword/realpassword/ so I
guess this is not completely safe either. But something like this you'd
have to do. Can I count you in on beating Bruce into submission for an
initdb in C? ;)


-- 
Peter Eisentraut                  Sernanders vaeg 10:115
peter_e@gmx.net                   75262 Uppsala
http://yi.org/peter-e/            Sweden