The typical way to do this is to use .pgpass in the user's home directory. Does that help?
--------------------------------------------------------------------------- Olivier Thauvin wrote: > > The following bug has been logged online: > > Bug reference: 1567 > Logged by: Olivier Thauvin > Email address: [EMAIL PROTECTED] > PostgreSQL version: 8.0.1 > Operating system: Linux (Mandrake cooker) > Description: can't hide password with pg_autovacuum > Details: > > I found an security with pg_autovacuum :( > After looking the README and --help, it seems there is no way to start it > with a configuration file. > > This is not a problem except when the database is password protected, so you > have to use -P option to get it started (no prompt excpet I missed > something). > > The potential issue come from ps, the password is show in clear: > > nanardon 28664 0.4 0.0 3644 1384 ? Ss 04:05 0:00 pg_autovacuum > -D -s rpm2sql -PXXXXXX > > XXXXXX is my password in clear (hidden here of course). > As you can see, there is enought information here for someone having an > account on the host to connect to DB with admin privileges on the DB (not as > postgres user of course, but only the owner of the db can vacuum). > > Solution: > - change the command line after start like some ftp client does > - having the possiblility to read password from a file > - taking password from envirronment variable (AUTOVACUUM_PASS=pass > pg_autovacuum...) > > If I have any time, I will try to provide a patch, but my knowledge in C are > too poor to ensure quality :( > > ---------------------------(end of broadcast)--------------------------- > TIP 9: the planner will ignore your desire to choose an index scan if your > joining column's datatypes do not match > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 6: Have you searched our list archives? http://archives.postgresql.org
