Re: [PATCH] pgpassfile connection option
Julian Markwort <julian.markwort@uni-muenster.de>
From: Julian Markwort <julian.markwort@uni-muenster.de>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Andrew Dunstan <andrew@dunslane.net>,
"pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2016-10-04T11:42:26Z
Lists: pgsql-hackers
On 09/26/2016 07:51 PM, Robert Haas wrote: > However, they don't have > to accept the possibility that arbitrary local files readable by the > user ID will be used for authentication and/or disclosed; this patch > would force them to accept that risk. I do agree with you, however we might have to take a look at the parameter sslkey's implementation here as well - There are no checks in place to stop you from using rogue sslkey parameters. I'd like to suggest having both of these parameters behave in a similar fashion. In order to achieve safe behaviour, we could implement the use of environment variables prohibiting the use of user-located pgpassfiles and sslkeys. How about PGSECRETSLOCATIONLOCK ?
Commits
-
Allow password file name to be specified as a libpq connection parameter.
- ba005f193d88 10.0 landed