Thanks for answering Yes, you are right. This is a client-side file. However, our concern is that we have to consider this practice as a security issue. We'd like to ban this practice for our product which is, thus, wrapping PostgresQL engine. Thus my questions - is there any configuration that can be done on server side to prevent the client side to use such file to read passwords ? - is there any options that can be set in postgres libpq C library to prevent the connection functions to search for password in files ? Thanks -- -----Original Message----- From: Raymond O'Donnell [mailto:rod@xxxxxx] Sent: mercredi 31 mars 2010 19:00 To: Christophe Dore Cc: pgsql-general@xxxxxxxxxxxxxx Subject: Re: prevent connection using pgpass.conf On 31/03/2010 16:32, Christophe Dore wrote: > Hi > > We are building a solution using some dedicated postgresql servers (and > dedicated C++ and Java apps). For security reasons, we'd like to prevent > users to connect (from our apps at least) to those servers with > passwords stored in files such as pgpass.conf. Unless I'm mistaken, my understanding is that pgpass files are stored on client machines, not the server, so if the clients are connecting from different machines this shouldn't be a problem in the first place. Ray. -- Raymond O'Donnell :: Galway :: Ireland rod@xxxxxx -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
