> So - since there is at least one user who's suprised by this behaviour,
> we probably need two things:
> 1. A message that tells users the password is being remembered for
> *them* rather than for pgAdmin.
Well that is up to the pgAdmin team but I would agree that if pgAdmin is
going to continu
Tony Caduto wrote:
> Dave Page wrote:
> >
> > What you are saying is that because you don't believe in the pgpass
> > design, you are going to summarily delete them - which I know for
> > absolute sure would *really* annoy some pgAdmin users that I know for
> > a fact have a whole heap of passwo
Tom Lane wrote:
> Richard Huxton writes:
>> So - since there is at least one user who's suprised by this behaviour,
>> we probably need two things:
>> 1. A message that tells users the password is being remembered for
>> *them* rather than for pgAdmin.
>> 2. A simple way to allow an application
Richard Huxton writes:
> So - since there is at least one user who's suprised by this behaviour,
> we probably need two things:
> 1. A message that tells users the password is being remembered for
> *them* rather than for pgAdmin.
> 2. A simple way to allow an application to act independently of
Tony Caduto wrote:
> Dave Page wrote:
>>
>> What you are saying is that because you don't believe in the pgpass
>> design, you are going to summarily delete them - which I know for
>> absolute sure would *really* annoy some pgAdmin users that I know for
>> a fact have a whole heap of passwords stor
Tony Caduto wrote:
If pgAdmin III stored it's own passwords in the registry it would be up
to the user (as it should be) to use pgpass.
If they chose to use pgpass, libpq would override the passwords stored
in the registry anyway, which is what pgAdmin III is doing
automatically to my applicati
Tony Caduto <[EMAIL PROTECTED]> writes:
> You are correct on that fact Dave, however it does force them to store
> the password in a pgpass file without their knowledge.
This seems about on par with arguing that pgAdmin forces users to store
data in a database without their knowledge. Worse yet,
Dave Page wrote:
What you are saying is that because you don't believe in the pgpass
design, you are going to summarily delete them - which I know for
absolute sure would *really* annoy some pgAdmin users that I know for
a fact have a whole heap of passwords stored in theirs. Doing that
woul
Dave Page wrote:
pgAdmin doesn't force them to store any passwords at all. That's pure
FUD.
You are correct on that fact Dave, however it does force them to store
the password in a pgpass file without their knowledge.
When you check that box "Store Password" it is not warning the user that
Tony Caduto wrote:
Dave Page wrote:
I am sorry, but I believe the way pgAdmin III is using the pgpass file
is TOTALLY WRONG, sorry but it just is.
Actually, no, it's using it *exactly as it's documented* - which is not
unlike any other win32 app. For example, if you use the IE ActiveX
cont
Dave Page wrote:
I must Be missing the point - why should I work something out with your app for
using a documented feature of libpq in pgAdmin?
Dave,
The whole point is pgAdmin III is storing the password in the pgpass
file which is global for every single application that uses it, do
On Thu, Feb 01, 2007 at 02:17:00PM -0600, Tony Caduto wrote:
> Dave Page wrote:
> >Could this be proof of you using pgAdmin ( :-) ) and checking the Store
> >Password option? That'll save it in pgpass.conf in your profile.
> >
> >/D
> >
> >
> I won't deny I have it installed :-) I don't remembe
On Thu, Feb 01, 2007 at 09:53:26PM -, Dave Page wrote:
> > Not to mention that the whole pgpass thing is a huge security hole, it
> > would be different if the passwords where encrypted or hashed, but they
> > are just sitting there in plain text.
>
> In an 0600 file on *nix, or in your prof
On Thu, Feb 01, 2007 at 12:38:22PM -0600, Tony Caduto wrote:
> Magnus Hagander wrote:
> >
> >Have you been leaving the dark side lately?
> >(pgAdmin does this..)
> >
> >
> >
> I still have pgAdmin installed :-) it's a good reference tool.
:-)
> Is there a way to tell libpq in the connection s
> --- Original Message ---
> From: Tony Caduto <[EMAIL PROTECTED]>
> To: Dave Page <[EMAIL PROTECTED]>
> Sent: 01/02/07, 21:18:49
> Subject: Re: [GENERAL] I "might" have found a bug on 8.2.1 win32
>
> I may be forced to start deleting the pgpa
> > I think you could effectively disable the pgpass file (for a given
> > application) if the application always requires an explicit, non-blank
> > password from the user.
>
> If he does that, his users who do not use password-based authentication
> will be after him with the proverbial villager
<[EMAIL PROTECTED]> writes:
> I think you could effectively disable the pgpass file (for a given
> application) if the application always requires an explicit, non-blank
> password from the user.
If he does that, his users who do not use password-based authentication
will be after him with the pro
> > Is there a way to tell the libpq connect function not to use a pgpass
> > file?
>
> No, as Tom already said.
I think you could effectively disable the pgpass file (for a given
application) if the application always requires an explicit, non-blank
password from the user.
libpq won't use .p
> --- Original Message ---
> From: Tony Caduto <[EMAIL PROTECTED]>
> To: Dave Page <[EMAIL PROTECTED]>
> Sent: 01/02/07, 20:37:18
> Subject: Re: [GENERAL] I "might" have found a bug on 8.2.1 win32
>
> Dave Page wrote:
> > A non-admin use
> --- Original Message ---
> From: Tony Caduto <[EMAIL PROTECTED]>
> To: Dave Page <[EMAIL PROTECTED]>
> Sent: 01/02/07, 20:17:00
> Subject: Re: [GENERAL] I "might" have found a bug on 8.2.1 win32
>
> I won't deny I have it installed :-
> --- Original Message ---
> From: Tony Caduto <[EMAIL PROTECTED]>
> To: Magnus Hagander <[EMAIL PROTECTED]>, pgsql-general@postgresql.org
> Sent: 01/02/07, 18:38:22
> Subject: Re: [GENERAL] I "might" have found a bug on 8.2.1 win32
>
> I imagi
Dave Page wrote:
Could this be proof of you using pgAdmin ( :-) ) and checking the Store
Password option? That'll save it in pgpass.conf in your profile.
/D
I won't deny I have it installed :-) I don't remember using the stored
password option though.
Do you also use that for the pg_resto
> --- Original Message ---
> From: Tony Caduto <[EMAIL PROTECTED]>
> To: Bill Moran <[EMAIL PROTECTED]>
> Sent: 01/02/07, 17:13:25
> Subject: Re: [GENERAL] I "might" have found a bug on 8.2.1 win32
>
> Bill Moran wrote:
> >
> >
Tony Caduto <[EMAIL PROTECTED]> writes:
> Is there a way to tell libpq in the connection string or something not
> to use a pgpass.conf file? I looked in the libpq docs but didn't really
> see anything.
Making pgpass files harder or more annoying to use does not strike me as
a good idea. I rea
Magnus Hagander wrote:
Have you been leaving the dark side lately?
(pgAdmin does this..)
I still have pgAdmin installed :-) it's a good reference tool.
I imagine you guys are using it for the pg_restore/pg_dump? There
really should be a pg_dump.dll and a pg_restore.dll so a pgpass
file
Tony Caduto wrote:
> Never mind,
> somehow a application setup a pgpass.conf file for me
> without my knowledge.
Have you been leaving the dark side lately?
(pgAdmin does this..)
> Sorry it's not a bug. However I wonder if it might be a good idea if
> psql would raise a warning after logon that
Never mind,
somehow a application setup a pgpass.conf file for me
without my knowledge.
Sorry it's not a bug. However I wonder if it might be a good idea if
psql would raise a warning after logon that a pgpass.conf file was used
for authentication or have it written to the log.
I am sure some
Tony Caduto <[EMAIL PROTECTED]> writes:
> I just tried this from the command line and it let me right in:
> psql template1 -U postgres
> Didn't ask for a password or anything, and the localhost entry in
> pg_hba.conf is also set for md5.
You sure you restarted the postmaster (or did pg_ctl reload)
Well, there is something weird going on here:
If I change the postgres users password to the one I used during install
I get this when using psql:
C:\Program Files\PostgreSQL\8.2\bin>psql template1 -U postgres
DEBUG: InitPostgres
DEBUG: StartTransaction
DEBUG: name: unnamed; blockState:
Bill Moran wrote:
Will only apply if you connect via loopback networking (which is not
psql's default). Try your connect command like this:
psql template1 -U postgres -h 127.0.0.1
and see if the results change.
Hi Bill,
Using the -h 127.0.0.1 does cause the password prompt to fire, howeve
In response to Tony Caduto <[EMAIL PROTECTED]>:
> >
> > Question, I hope stupid, postgres user HAS a password right?
> >
> Yes, it has a password, I set the password from the installer, and I
> even reset it after the install was complete.
> I just tried this from the command line and it let me rig
Question, I hope stupid, postgres user HAS a password right?
Yes, it has a password, I set the password from the installer, and I
even reset it after the install was complete.
I just tried this from the command line and it let me right in:
psql template1 -U postgres
Didn't ask for a passwor
Tony Caduto wrote:
I had installed the win32 version awhile ago, but I had the pg_hba.conf
set to trust. Then I started to test SSL on win32 so I changed it to this:
hostall all 127.0.0.1/32 md5
hostall all 192.168.15.131/32 md5 #my pcs addd
33 matches
Mail list logo
