Date: Mon, 29 Jan 2007 18:09:10 -0700 From: Michael Fuhr <mike@fuhr.org> To: Bill Moran <wmoran@collaborativefusion.com> Cc: hartzell@alerce.com, freebsd-ports@freebsd.org Subject: Re: postgresql's 502.pgsql periodic script and passwords Message-ID: <20070130010910.GA90927@winnie.fuhr.org> In-Reply-To: <20070129092352.40c17abe.wmoran@collaborativefusion.com> References: <17853.34664.178712.123312@satchel.alerce.com> <20070129092352.40c17abe.wmoran@collaborativefusion.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 29, 2007 at 09:23:52AM -0500, Bill Moran wrote: > In response to George Hartzell <hartzell@alerce.com>: > > I've "solved" the problem by creating a ~pgsql/.pgpass file with the > > pgsql users password. > > > > Is there a better way? > > Depends. Do you allow untrusted users to log in to that machine? If > so, then you've probably got the best approach. Make sure that .pgpass > file is chmoded 600 Another possibility would be to use the "ident" method over a local (i.e., Unix-domain) socket. You'd be authenticating via SO_PEERCRED; no .pgpass file would be necessary. -- Michael Fuhr
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070130010910.GA90927>