Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1t1BYB-00F5Lv-2M for pgsql-general@arkaria.postgresql.org; Wed, 16 Oct 2024 21:27:23 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1t1BY9-00ATPj-2b for pgsql-general@arkaria.postgresql.org; Wed, 16 Oct 2024 21:27:21 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1t1BY8-00ATOY-Nq for pgsql-general@lists.postgresql.org; Wed, 16 Oct 2024 21:27:21 +0000 Received: from mail.hjp.at ([212.17.106.138] helo=rorschach.hjp.at) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1t1BY5-001FTL-CL for pgsql-general@lists.postgresql.org; Wed, 16 Oct 2024 21:27:19 +0000 Received: by rorschach.hjp.at (Postfix, from userid 1000) id 33E5622ED6; Wed, 16 Oct 2024 23:27:15 +0200 (CEST) Date: Wed, 16 Oct 2024 23:27:15 +0200 From: "Peter J. Holzer" To: pgsql-general@lists.postgresql.org Subject: Re: What are best practices wrt passwords? Message-ID: <20241016212715.b5ioj7pwfeoqzkzm@hjp.at> Mail-Followup-To: pgsql-general@lists.postgresql.org References: <87o73kgzkd.fsf@mbork.pl> <87frowggzq.fsf@mbork.pl> <186766.1729097245@sss.pgh.pa.us> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="hdmfqqllp6evedxv" Content-Disposition: inline In-Reply-To: List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --hdmfqqllp6evedxv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2024-10-16 09:50:41 -0700, Christophe Pettus wrote: > > On Oct 16, 2024, at 09:47, Tom Lane wrote: > > I believe it depends on your platform --- some BSDen are pretty > > permissive about this, if memory serves. On a Linux box it seems > > to work for processes owned by yourself even if you're not superuser. >=20 > I just tried it on an (admittedly kind of old) Ubuntu system and MacOS > 14, and it looks like shows everything owned by everyone, even from a > non-sudoer user. On Linux, unprivileged users can only see the environment of their own processes since a *very* long time ago. Possibly even before Ubuntu even existed. So I'm somewhat sceptical about that. Some other Unixes were more permissive. I don't know what camp MacOS falls into. hp --=20 _ | Peter J. Holzer | Story must make more sense than reality. |_|_) | | | | | hjp@hjp.at | -- Charles Stross, "Creative writing __/ | http://www.hjp.at/ | challenge!" --hdmfqqllp6evedxv Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEETtJbRjyPwVTYGJ5k8g5IURL+KF0FAmcQL6wACgkQ8g5IURL+ KF3eyA/+MPCjqD+b2hcQ8JWWF4msQtXtdq8kPGzzYlNKZWOlyHDb58/F46P0IHYj cjlBd4VVnZ0GEftvWL2TWEMXWm14faxjkIoX3iEutU9Krm30GbnPuw0NqA5w166f 0kdJix8cMG0kn2NYGXJx8H3GuvyekaMMm2r9Qvd6ST3Ldy3ypSHsS6oG82/U0y5b 9zGDi3FPAd4R2xApJM4ff3B0RSGzMHdwZOZIkUpbONfo/TbnTNEz2WBHn+7sJRtE GATTIxTjbykqatUGavpvb5T1tJs9nBNiqiJ3Lw1iuaFijN/RsPNXU1NW8bYFywWQ P3udlVG8dUTxun4Zc7q5elTrXuYM4xsyHO4e4o4EATzGi47oDdyiwVJbIcxCv8FH QE9NSmWryexzq4WcXyTkvVdNVvQ6wNE6nfyEnqkq5gzXaZxUy7StMSHbFKogYPDG E+xxZ8cTNVnqTtuY87RhKuMgmsLgrL+0LcNod9J4WQ3L/+ZZMPUELgDfiXPF+hoh 5uAB+hGkFdAfRmaA1z77qyMzobUoCs1GQILC4E557zaWpAh1sBFgynymg9mEx6eZ 0h0pLnCZAkwkINu6mKYgTl2djjGSqzhcINQet9WOoWaVvhRp9s8KeDiCwpGqaTJm xuC0fj5i/Vzlv2I3FfFNP4fLEH/Oz5lleTsd9MeQXz7OqMF+j78= =pn3k -----END PGP SIGNATURE----- --hdmfqqllp6evedxv--