From: | Guillaume Lelarge <guillaume(dot)lelarge(at)dalibo(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
Subject: | Re: Add a warning message when using unencrypted passwords |
Date: | 2025-02-04 18:14:15 |
Message-ID: | 1f2cc1ee-e169-49be-87e6-d336d02e6e48@dalibo.com |
Lists: | pgsql-hackers |
On 04/02/2025 17:59, Tom Lane wrote:
> Guillaume Lelarge <guillaume(dot)lelarge(at)dalibo(dot)com> writes:
>> v2 is attached.
>
> This seems pretty much entirely useless to me. The password
> has already been leaked to the log (*and* the network, if
> session is unencrypted), so what's the point of a warning?
> And as already noted, this ignores several other hazards of
> the same sort, so it's more likely to create a false sense of
> security than anything else.
>
> (In addition to the points noted, what of event triggers?
> Or ~/.psql_history?)
>
I agree that the warning itself doesn't make the password secure. But it
never pretends to do that. If I, as a user, see a message like this, my
next move will be to search for a way to change my password in a secure way.
Warning users won't save everyone, but it may help some. Doing nothing
helps no one.
--
Guillaume Lelarge
Consultant
https://dalibo.com
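The secure route Guillaume alludes to is to hash the password on the client so the SQL text that reaches the server (and its log, and ~/.psql_history) carries only the SCRAM verifier, which is what psql's \password and libpq's PQencryptPasswordConn do. The block below is an added illustration, not code from this thread or from PostgreSQL, that builds such a verifier in Python and checks it; it assumes an ASCII password and skips SASLprep normalisation.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional

ITERATIONS = 4096  # PostgreSQL's default scram_iterations


def scram_sha256_verifier(password: str, salt: Optional[bytes] = None,
                          iterations: int = ITERATIONS) -> str:
    """Build a PostgreSQL-style SCRAM-SHA-256 verifier entirely client-side.

    Format: SCRAM-SHA-256$<iterations>:<b64 salt>$<b64 StoredKey>:<b64 ServerKey>
    Assumption: password is ASCII, so SASLprep is a no-op and is omitted here.
    """
    if salt is None:
        salt = secrets.token_bytes(16)
    salted = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()

    def b64(raw: bytes) -> str:
        return base64.b64encode(raw).decode("ascii")

    return f"SCRAM-SHA-256${iterations}:{b64(salt)}${b64(stored_key)}:{b64(server_key)}"


def verifier_matches(password: str, verifier: str) -> bool:
    """Recompute the verifier from its own salt/iterations and compare in constant time."""
    scheme, params, _keys = verifier.split("$")
    if scheme != "SCRAM-SHA-256":
        return False
    iterations, salt_b64 = params.split(":")
    recomputed = scram_sha256_verifier(password, base64.b64decode(salt_b64), int(iterations))
    return hmac.compare_digest(recomputed, verifier)


def alter_role_statement(role: str, verifier: str) -> str:
    """The statement actually sent over the wire: it never contains the plaintext.

    The verifier is base64 plus '$' and ':' characters, so it is safe inside a
    single-quoted literal; the role name is assumed to be a plain identifier.
    """
    return f"ALTER ROLE {role} PASSWORD '{verifier}'"


if __name__ == "__main__":
    v = scram_sha256_verifier("correct horse")
    print(alter_role_statement("alice", v))
```

Anything that logs statements (log_statement, pg_stat_statements, shell history) then records only the verifier, which is what the server would have stored anyway.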