Re: Log of CREATE USER statement

From: "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org, Ricardo Vaz - TCESP <jrvaz(at)tce(dot)sp(dot)gov(dot)br>
Subject: Re: Log of CREATE USER statement
Date: 2005-12-09 18:21:35
Message-ID: 1134152496.28319.3.camel@jd.commandprompt.com
Lists: pgsql-hackers

On Fri, 2005-12-09 at 13:03 -0500, Bruce Momjian wrote:
> Tom Lane wrote:
> > Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> > > Users who choose a password
> > > should have the assurance that the password cannot be seen in
> > > plain-text by anyone anywhere. In a PostgreSQL system, the password
> > > can be seen in all kinds of places, like the psql history, the server
> > > log, the activity displays, and who knows where else.
> >
> > As I said already, if the user wishes the password to be secure, he
> > needs to encrypt it on the client side. Anything else is just the
> > illusion of security.
>
> Should we document this?

That is a good question. One argument is, no. It should be fairly
obvious that if you don't turn on SSL then nothing is going to be
encrypted.

The other argument is that we should be as explicit as possible...

Sincerely,

Joshua D. Drake

--
The PostgreSQL Company - Command Prompt, Inc. 1.503.667.4564
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
Managed Services, Shared and Dedicated Hosting
Co-Authors: PLphp, PLperl, ODBCng - http://www.commandprompt.com/
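
Client-side hashing as suggested in the quoted discussion, as an added example that is not part of the original message or PostgreSQL's own code: it builds a CREATE USER statement carrying only PostgreSQL's md5 verifier ("md5" followed by md5 of password plus role name) and checks server-log lines for statements that still contain a plaintext password. The function names, role names, passwords and log lines are constructed for illustration.

```python
import hashlib
import re

def pg_md5_verifier(role: str, password: str) -> str:
    """PostgreSQL md5 verifier: 'md5' + hex md5 of (password + role name)."""
    return "md5" + hashlib.md5((password + role).encode("utf-8")).hexdigest()

def create_user_sql(role: str, password: str) -> str:
    """Build a CREATE USER statement that carries only the verifier."""
    # Quote the identifier so the server stores the exact role name that
    # was used as the salt (unquoted names are folded to lower case).
    ident = '"' + role.replace('"', '""') + '"'
    verifier = pg_md5_verifier(role, password)
    return f"CREATE USER {ident} ENCRYPTED PASSWORD '{verifier}';"

# CREATE/ALTER USER|ROLE ... PASSWORD '<literal>' inside a logged statement.
_PASSWORD_STMT = re.compile(
    r"\b(?:CREATE|ALTER)\s+(?:USER|ROLE)\b.*?\bPASSWORD\s+'((?:[^']|'')*)'",
    re.IGNORECASE | re.DOTALL,
)
_MD5_VERIFIER = re.compile(r"md5[0-9a-f]{32}")

def plaintext_password_lines(log_lines):
    """Return 1-based numbers of lines whose password literal is not a verifier."""
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = _PASSWORD_STMT.search(line)
        if match and not _MD5_VERIFIER.fullmatch(match.group(1)):
            hits.append(number)
    return hits

# Constructed sample server-log lines (not taken from a real system).
SAMPLE_LOG = [
    "LOG:  statement: CREATE USER alice PASSWORD 'correct horse';",
    "LOG:  statement: " + create_user_sql("bob", "correct horse"),
    "LOG:  statement: alter role carol with encrypted password 'hunter2';",
    "LOG:  statement: SELECT 1;",
]

if __name__ == "__main__":
    print(create_user_sql("bob", "correct horse"))
    print("plaintext password on lines:", plaintext_password_lines(SAMPLE_LOG))
```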
