List:       postgresql-general
Subject:    Re: Deprecating plans for PGPASSWORD environment variable as insecure
From:       Pavel Stehule <pavel.stehule () gmail ! com>
Date:       2021-12-27 9:03:51
Message-ID: CAFj8pRB1nK0kwYyJ4bnBGU+90a9VPWDRKq3NFbYyyAZiH_=i-Q () mail ! gmail ! com

Hi

On Mon, 27 Dec 2021 at 9:55, Alexey Murz Korepov <murznn@gmail.com> wrote:

> MySQL in version has deprecated the `MYSQL_PWD` environment variable,
> because they consider this way insecure; quote from
> https://dev.mysql.com/doc/refman/8.0/en/environment-variables.html#idm45429554761920
> :
>
> > Use of MYSQL_PWD to specify a MySQL password must be considered
> > extremely insecure and should not be used. Some versions of ps include an
> > option to display the environment of running processes. On some systems, if
> > you set MYSQL_PWD, your password is exposed to any other user who runs ps.
> > Even on systems without such a version of ps, it is unwise to assume that
> > there are no other methods by which users can examine process environments.
>
> So I want to ask - is there the same plan for PostgreSQL with its
> `PGPASSWORD` environment variable for future versions, or will it stay as
> non-deprecated for future versions, and we can continue to use it without
> worrying?
>

I don't remember any discussion about it. There is a note in the documentation, so
this way is not preferred:

PGPASSWORD behaves the same as the password
<https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNECT-PASSWORD>
connection parameter. Use of this environment variable is not recommended
for security reasons, as some operating systems allow non-root users to see
process environment variables via ps; instead consider using a password
file (see Section 34.16
<https://www.postgresql.org/docs/current/libpq-pgpass.html>).

https://www.postgresql.org/docs/current/libpq-envars.html

Regards

Pavel


> --
> Best regards,
> Alexey Murz Korepov.
> E-mail: murznn@gmail.com
> Messengers: Matrix - https://matrix.to/#/@murz:ru-matrix.org Telegram -
> @MurzNN
>
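As an added example that is not part of the thread, here is a POSIX shell helper that does what the quoted documentation recommends: it writes a `.pgpass` entry instead of exporting `PGPASSWORD`, escapes the `:` and `\` characters that are special inside that file, and checks that the file has the owner-only mode libpq requires before it will read it. The function names and the sample host and database values are assumptions; the file format, the escaping rule and the 0600 requirement are libpq's documented behaviour.

```shell
#!/bin/sh
# Added example (not from the thread): keep the password in ~/.pgpass rather
# than in the process environment, where ps can show it to other users.
# Assumes libpq's documented format host:port:database:user:password, that
# ':' and '\' inside a field are escaped with '\', and that libpq ignores the
# file unless it denies all group/world access (mode 0600 or stricter).

# Escape the two characters that are special inside a .pgpass field.
# Backslashes first, so the backslash added for ':' is not doubled again.
pgpass_escape() {
    printf '%s\n' "$1" | sed -e 's/\\/\\\\/g' -e 's/:/\\:/g'
}

# Append one entry to $PGPASSFILE (default ~/.pgpass), creating the file
# with owner-only permissions so libpq will actually read it.
pgpass_add() {
    host=$1; port=$2; db=$3; user=$4; pw=$5
    file=${PGPASSFILE:-$HOME/.pgpass}
    ( umask 077
      printf '%s:%s:%s:%s:%s\n' "$host" "$port" "$db" "$user" \
          "$(pgpass_escape "$pw")" >> "$file" )
    chmod 0600 "$file"
}

# Octal mode of a file (GNU stat first, BSD stat as the fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Return 0 only if libpq would accept the file: no group/world bits set.
pgpass_check() {
    file=${1:-${PGPASSFILE:-$HOME/.pgpass}}
    [ -f "$file" ] || return 1
    case "$(file_mode "$file")" in
        600|400) return 0 ;;
        *) echo "$file has mode $(file_mode "$file"); libpq will ignore it" >&2
           return 1 ;;
    esac
}
```

With the entry in place, `psql -h db.example -U app appdb` (constructed values) connects without any password in the environment; if `pgpass_check` fails, libpq silently falls back to prompting, which is the usual symptom of a too-permissive file.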
