Avoid hard-coding your PostgreSQL database password

Source: Internet
Author: User
Tags postgresql file permissions

A password file contains the five fields we need to connect, so we can use file permissions to make the password more secure.

Host:port:dbname:user:password

such as Myhost:5432:postgres:sriggs:moresecure

The password file is set using an environment variable called Pgpassfile. If Pgpassfile is not set, then a default filename and location is searched:

In the *nix system, check the ~/pgpass.

In Windows system, check that%appdata%\postgresql\pgpass.conf,%appdata% is the path in which the Application Data subdirectory (for me, is C + +)

In the *nix system, chmod 0600 ~/.pgpass

A password file can contain multiple lines. Each line matches the requested Host:port:dbname:user combination until we find a row to match, and then we use that password.

Each entry can be a literal value or a wildcard that can match any character. Partial matches are not supported. Partial matches are not supported. With the appropriate permissions, the user can connect to any database. It is meaningful to use wildcards in the dbname and port fields, although it is meaningless in other fields. Examples are as follows:

Host:port:dbname:user:password

Myhost:5432:*:sriggs:moresecurepw

Myhost:5432:perf:hannu:okpw

myhost:*:p Erf:gabriele:maggioresicurezza

If you have a small database server, this looks like a good improvement. If you have many different database servers, you may want to use a file that connects to the service, or you can store the details in an LDAP server.

Avoid hard-coding your PostgreSQL database password

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.