From: Sam Steingold <sds@gnu.org>
To: emacs-devel@gnu.org
Subject: Re: (sql-postgres-login-params): Add user and database defaults.
Date: Mon, 10 Nov 2014 16:15:45 -0500 [thread overview]
Message-ID: <m21tpalptq.fsf@gnu.org> (raw)
In-Reply-To: 1614810674.176716.1415576364167.JavaMail.yahoo@jws10675.mail.bf1.yahoo.com
> * Michael Mauger <zvpunry@znhtre.pbz> [2014-11-09 23:39:24 +0000]:
>
>> On Friday, November 7, 2014 2:37 PM, Sam Steingold <sds@gnu.org> wrote:
>
>> Michael,
>> Why did you add defaults to the sql-postgres-login-params option?
>> No other sql-<product>-login-params have them.
>> (The list also misses the password, but that was even before your
>> 36827ec251bb18183110463a83d55b205653fd5d commit).
>> Thanks.
>
>
> That was a commit from 4 years ago; I have problems remembering last week.
:-)
> A few related items:
>
> * The defaults specified in the login-params are the same as the psql
> program, but I am certainly open to changing the defaults or
> eliminating them entirely if people agree. I don't use PG often so
> I'm certainly open to feedback from regular users of it. And
> obviously, you can customize its value to suit your workflow better.
I don't think these defaults are useful (to put it mildly).
> * The reason that there is no support for entering the password in
> postgres is that there is no command line option or syntax available
> to pass the value in `psql'.
"psql -W" forces password prompt, so, I think, there should be a way for
me to tell emacs which password to use.
> There is a long open bug report identifying passing passwords on the
> command line as being a security risk, but I have not implemented an
> alternative mechanism. I am hacking a mechanism currently to not pass
> password on the command line and provide it as program input when
> prompted. Postgres is one platform that could benefit from such behavior.
I know of security implication of passing passwords on the command
line, but I disagree that this should be disabled. A note in the man
page and the usage message printed by "--help" should be enough.
> Any feedback or patches are actively encouraged.
Thanks.
--
Sam Steingold (http://sds.podval.org/) on darwin Ns 10.3.1343
http://www.childpsy.net/ http://jihadwatch.org http://islamexposedonline.com
http://americancensorship.org http://truepeace.org http://honestreporting.com
If your VCR is still blinking 12:00, you don't want Linux.
next prev parent reply other threads:[~2014-11-10 21:15 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-07 19:37 (sql-postgres-login-params): Add user and database defaults Sam Steingold
2014-11-09 23:39 ` Michael Mauger
2014-11-10 21:15 ` Sam Steingold [this message]
[not found] ` <487064807.437464.1415674152184.JavaMail.yahoo@jws10645.mail.bf1.yahoo.com>
2014-11-11 19:37 ` Sam Steingold
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m21tpalptq.fsf@gnu.org \
--to=sds@gnu.org \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.