On 2024-Oct-16, mbork@xxxxxxxx wrote: > I understand why giving the password on the command line or in an > environment variable is a security risk (because of `ps`), but I do not > understand why `psql` doesn't have an option like `--password-command` > accepting a command which then prints the password on stdout. For > example, I could then use `pass` (https://www.passwordstore.org/) with > gpg-agent. We had a patch to add PGPASSCOMMAND once: https://www.postgresql.org/message-id/flat/CAE35ztOGZqgwae3mBA%3DL97pSg3kvin2xycQh%3Dir%3D5NiwCApiYQ%40mail.gmail.com I don't remember the overall conclusions (other than the patch being rejected), but maybe you can give that a read. -- Álvaro Herrera PostgreSQL Developer — https://www.EnterpriseDB.com/
