Don't provide the password with dbconsole unless explicitly opted in.

Some operating system configurations allow other users to view your process list
or environmental variables.  This option should not be used on shared hosts.

http://dev.mysql.com/doc/refman/5.0/en/password-security.html
http://www.postgresql.org/docs/8.3/static/libpq-envars.html

railties/lib/commands/dbconsole.rb

@@ -2,8 +2,13 @@
 require 'yaml'
 require 'optparse'
 
+include_password = false
+
 OptionParser.new do |opt|
-  opt.banner = "Usage: dbconsole [environment]"
+  opt.banner = "Usage: dbconsole [options] [environment]"
+  opt.on("-p", "--include-password", "Automatically provide the database from database.yml") do |v|
+    include_password = true
+  end
   opt.parse!(ARGV)
   abort opt.to_s unless (0..1).include?(ARGV.size)
 end
@@ -31,10 +36,13 @@ def find_cmd(*commands)
     'port'      => '--port',
     'socket'    => '--socket',
     'username'  => '--user',
-    'password'  => '--password',
     'encoding'  => '--default-character-set'
   }.map { |opt, arg| "#{arg}=#{config[opt]}" if config[opt] }.compact
 
+  if config['password'] && include_password
+    args << "--password=#{config['password']}"
+  end
+
   args << config['database']
 
   exec(find_cmd('mysql5', 'mysql'), *args)
@@ -43,7 +51,7 @@ def find_cmd(*commands)
   ENV['PGUSER']     = config["username"] if config["username"]
   ENV['PGHOST']     = config["host"] if config["host"]
   ENV['PGPORT']     = config["port"].to_s if config["port"]
-  ENV['PGPASSWORD'] = config["password"].to_s if config["password"]
+  ENV['PGPASSWORD'] = config["password"].to_s if config["password"] && include_password
   exec(find_cmd('psql'), config["database"])
 
 when "sqlite"