set the PGPASSWORD file to read-only, then close and unlink it

author Steve Singer <ssinger@ca.afilias.info>

Thu, 8 Nov 2012 17:58:42 +0000 (12:58 -0500)

committer Luiz K. Matsumura <luiz.matsumura@gmail.com>

Thu, 8 Nov 2012 22:14:28 +0000 (20:14 -0200)
author Steve Singer <ssinger@ca.afilias.info>
Thu, 8 Nov 2012 17:58:42 +0000 (12:58 -0500)
committer Luiz K. Matsumura <luiz.matsumura@gmail.com>
Thu, 8 Nov 2012 22:14:28 +0000 (20:14 -0200)
diff --git a/tools/altperl/slon-tools.pm b/tools/altperl/slon-tools.pm

index 2ee4e79587a5cac88f2ddd91e25e49a62ca563e6..4072ccfd925f0473bf20ecf9b6ef98753b9731be 100644 (file)
--- a/tools/altperl/slon-tools.pm
+++ b/tools/altperl/slon-tools.pm
@@ -238,8 +238,11 @@ limit 1)
    my $result;
    if ($passwd) {
       my ($fh, $filename) = tempfile();
+     chmod( 0600, $filename);
       print $fh "$host:$port:$dbname:$dbuser:$password";
+     close $fh;
       $result=`PGPASSFILE=$filename @@PGBINDIR@@/psql -p $port -h $host -U $dbuser -c "$query" --tuples-only $dbname`;
+     unlink $filename;
    } else {
       $result=`@@PGBINDIR@@/psql -p $port -h $host -U $dbuser -c "$query" --tuples-only $dbname`;
    }
@@ -326,8 +329,11 @@ limit 1;   --- One such entry is sufficient...
    my $result;
    if ($passwd) {
       my ($fh, $filename) = tempfile();
+     chmod(0600,$filename);
       print $fh "$host:$port:$dbname:$dbuser:$password";
+     close $fh;
       $result=`PGPASSFILE=$filename @@PGBINDIR@@/psql -p $port -h $host -U $dbuser -c "$query" --tuples-only $dbname`;
+     unlink $filename;
    } else {
       $result=`@@PGBINDIR@@/psql -p $port -h $host -c "$query" -U $dbuser --tuples-only $dbname`;
    }
author	Steve Singer <ssinger@ca.afilias.info>
	Thu, 8 Nov 2012 17:58:42 +0000 (12:58 -0500)
committer	Luiz K. Matsumura <luiz.matsumura@gmail.com>
	Thu, 8 Nov 2012 22:14:28 +0000 (20:14 -0200)