| Summary: | Master and Slave node password visible in running replication process | ||
|---|---|---|---|
| Product: | Slony-I | Reporter: | zaidshabbir <zaid.shabbir> |
| Component: | slon | Assignee: | Slony Bugs List <slony1-bugs> |
| Status: | RESOLVED FIXED | ||
| Severity: | critical | CC: | slony1-bugs |
| Priority: | low | ||
| Version: | devel | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Attachments: | password visible in running slony processes | ||
It has long been recommended to use .pgpass so that passwords are not captured in configuration in places like this. http://slony.info/documentation/2.2/security.html If you put passwords into conninfo strings, then it is well-known that it is likely to be visible to Unix users. |
Created attachment 213 [details] password visible in running slony processes Tested on Linux Tested with Replication 2.2.4 1. Initialize master and slave node. 2. Launch slony replication process. 3. Now grep the running replication process. { ps -ef|grep replication } 4. ps return the running processes with password of slave & master nodes.