I changed the code to properly test for the existance of a configuration key before use.
I took over the unsetting of PGPASSWORD from the database back-up code of standard OpenERP. I think it is not wrong to clear a plaintext password from memory as soon as possible. Although ofcourse there already is a certain security risk in having the password in a plain text config file in the first place.
@Holger
I changed the code to properly test for the existance of a configuration key before use.
I took over the unsetting of PGPASSWORD from the database back-up code of standard OpenERP. I think it is not wrong to clear a plaintext password from memory as soon as possible. Although ofcourse there already is a certain security risk in having the password in a plain text config file in the first place.