On Fri, 21 Feb 2020 at 08:03, Michael Leonhard wrote:
> 1. parse a perfectly good URI
You have a URI with embedded password, which to me is not a perfectly
good URI at all. I think the problem really lies with the input:
separate your secret credentials out to start with, don't munge them
into a
Hi Tom,
Thanks for your reply. A new PGURI env var would have the same
security risks as the existing PGPASSWORD env var, but no more. It
would be a usability improvement for folks using Docker. Docker
provides some special security benefits. I believe that we can
improve security for users by
Michael Leonhard writes:
> I need to pass a connection string to psql inside Docker [2]. I can
> pass it as a process argument, but this exposes the password to other
> processes on my machine:
> $ docker run --rm -i -t postgres:11 psql "$(cat db_uri)"
Yeah, if you include the password in the UR
