Re: Better auth errors from libpq

On Fri, Sep 12, 2008 at 10:08:56AM +0200, Markus Schiltknecht wrote:
> Hi,
>
> David Fetter wrote:
>> I'm all for something, and that's a much better something. What we
>> have now--nothing--actively distresses newbies for no good reason.
>>
>> I don't know how many people we've lost right at that point, but
>> the number has to be high, as most people don't just hop into IRC
>> with their problem.
>
> Maybe something much more specific, i.e. triggering only if one
> tried to connect via localhost or unix sockets, and only if one
> tried to authenticate as 'root' without a password.

It's not the root part that confuses people, but the entire message.

> The hint shoud IMO say something like: "The default superuser is
> postgres, not root". Something that's useful for this specific case
> and doesn't disturb in others. And something that's public
> knowledge, which any reasonably serious attacker already knows
> anyway.

I, too, disagree with the "security by obscurity" approach to auth
error messages. A system cracker will not be deterred by any such a
thing, but a new user can easily be.

Cheers,
David.
--
David Fetter <david(at)fetter(dot)org> http://fetter.org/
Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter
Skype: davidfetter XMPP: david(dot)fetter(at)gmail(dot)com

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate