| From: | dlo(at)isam(dot)kiwi |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | BUG #10250: pgAdmin III 1.16.1 stores unescaped plaintext password |
| Date: | 2014-05-07 04:32:48 |
| Message-ID: | 20140507043248.1398.38867@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 10250
Logged by: Ben Walter
Email address: dlo(at)isam(dot)kiwi
PostgreSQL version: Unsupported/Unknown
Operating system: openSUSE 13.1 (Bottle) (x86_64)
Description:
When storing credentials for connections into ~/.pgpass the credentials is
stored in delimited plaintext form. Not only is this practise a security
risk, but when the credential contains the delimiter (colon) it fails to be
read back out and app responds with "invalid credentials".
x.x.x.x:5432:*:username:password:with:colons
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2014-05-07 15:44:31 | Re: BUG #10250: pgAdmin III 1.16.1 stores unescaped plaintext password |
| Previous Message | J.F. Oster | 2014-05-05 14:22:15 | Re: [pgadmin-support] Search feature request |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2014-05-07 05:00:46 | Re: can insert timestamp value that can't be read |
| Previous Message | Jamie Koceniak | 2014-05-07 03:02:22 | Re: BUG #9635: Wal sender process is using 100% CPU |