[Discuss] Passwords in Source Code?? Or, How to secure interprocess communications?
Kent Borg
kentborg at borg.org
Sat Jan 31 13:53:54 EST 2015
All I am doing is connecting the server with the client code, on the
same machine. I don't care what the password is, only that the two
agree, on any given box.

How about this: Give every boot, of every box running the code, its own
unique password.

At every boot, create a new password in a boot script (read a UUID out
of /proc/sys/kernel/random/uuid). Give it to Postgres and put it in a
config file with reasonable ownership restrictions appropriate to be
read by the client code.

Seems pretty simple.

-kb

P.S. Also turn off all but loopback access to the server process.
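
The boot-time procedure described in the message above, written out as a shell script (an added example, not part of the original post or the poster's code). The role name, secret file path, the SECRET_OWNER and UUID_SOURCE variables and the --apply switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. ROLE, SECRET_FILE and SECRET_OWNER are hypothetical names.
ROLE="${ROLE:-app_client}"
SECRET_FILE="${SECRET_FILE:-/run/myapp/db_password}"
SECRET_OWNER="${SECRET_OWNER:-}"   # account the client code runs as
UUID_SOURCE="${UUID_SOURCE:-/proc/sys/kernel/random/uuid}"

# Read a fresh random UUID from the kernel and check its shape.
gen_boot_password() {
    pw=$(cat "$UUID_SOURCE") || return 1
    # Only hex digits and hyphens: safe inside a single-quoted SQL literal.
    case "$pw" in
        ''|*[!0-9a-f-]*) return 1 ;;
    esac
    [ "${#pw}" -eq 36 ] || return 1
    printf '%s\n' "$pw"
}

# Write the secret with owner-only permissions, then rename into place.
write_client_secret() {   # $1 = path, $2 = password
    tmp=$(mktemp "$(dirname "$1")/.pw.XXXXXX") || return 1   # created 0600
    if printf '%s\n' "$2" > "$tmp" && chmod 0600 "$tmp" &&
       { [ -z "$SECRET_OWNER" ] || chown "$SECRET_OWNER" "$tmp"; } &&
       mv -f "$tmp" "$1"; then
        return 0
    fi
    rm -f "$tmp"
    return 1
}

# Build the statement; reject role names that would need escaping.
alter_role_sql() {   # $1 = role, $2 = password
    case "$1" in
        ''|*[!a-z0-9_]*) return 1 ;;
    esac
    printf "ALTER ROLE \"%s\" WITH PASSWORD '%s';\n" "$1" "$2"
}

main() {
    pw=$(gen_boot_password) || exit 1
    sql=$(alter_role_sql "$ROLE" "$pw") || exit 1
    # SQL is piped on stdin so the password never shows up in `ps` output.
    # Run as the database superuser (e.g. the postgres OS account).
    printf '%s\n' "$sql" | psql -X -q -v ON_ERROR_STOP=1 -d postgres || exit 1
    write_client_secret "$SECRET_FILE" "$pw"
}

if [ "${1:-}" = "--apply" ]; then main; fi
```

Depending on the server's log_statement setting, Postgres can record the ALTER ROLE statement text, password included, in its log, so the log files need the same ownership restrictions as the secret file.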