postgresql's 502.pgsql periodic script and passwords
Michael Fuhr
mike at fuhr.org
Tue Jan 30 01:32:55 UTC 2007
On Mon, Jan 29, 2007 at 09:23:52AM -0500, Bill Moran wrote:
> In response to George Hartzell <hartzell at alerce.com>:
> > I've "solved" the problem by creating a ~pgsql/.pgpass file with the
> > pgsql users password.
> >
> > Is there a better way?
>
> Depends. Do you allow untrusted users to log in to that machine? If
> so, then you've probably got the best approach. Make sure that .pgpass
> file is chmoded 600
Another possibility would be to use the "ident" method over a local
(i.e., Unix-domain) socket. You'd be authenticating via SO_PEERCRED;
no .pgpass file would be necessary.
--
Michael Fuhr
More information about the freebsd-ports
mailing list