Re: BUG #10680: LDAP bind password leaks to log on failed authentication

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: smsiebe(at)gmail(dot)com
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #10680: LDAP bind password leaks to log on failed authentication
Date: 2014-06-19 12:44:32
Message-ID: 20140619124432.GP16098@tamriel.snowman.net
Lists: pgsql-bugs

Greetings,

* smsiebe(at)gmail(dot)com (smsiebe(at)gmail(dot)com) wrote:
> When a user fails to login when the LDAP method is used, the ldapbindpasswd
> (in plain text) is leaked to the log, even when the log level is set to
> warning.

If you don't want the server to see the user's password, don't use LDAP
authentication. A much better approach is Kerberos or client-side SSL
certificates.

There may be something which is done to improve the specific case
mentioned here (or perhaps not..), but if LDAP is used then the PG
server will see the user's password because that's how that
authentication system works.

Thanks,

Stephen
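The practical takeaway from the exchange above is twofold: an `ldap` line in pg_hba.conf means the PostgreSQL server handles the user's cleartext password, and an `ldapbindpasswd=` option on that line is a secret sitting in a config file that the server may echo into its log when a login fails. The following is an added example, not code from PostgreSQL or from either participant in this thread. It audits pg_hba.conf records for both conditions (and, going slightly beyond the thread, for LDAP traffic without `ldaptls=1` / `ldapscheme=ldaps`), and redacts `ldapbindpasswd=` values from log text. The pg_hba.conf sample and the log line are constructed for the example; the exact wording of the real log message is an assumption, and the redaction only keys on the `ldapbindpasswd=` token, so it works regardless of the surrounding text.

```python
import re
import shlex

# METHOD values accepted in pg_hba.conf; used only to locate the METHOD column
# in a record (assumed list, not taken from the thread).
HBA_METHODS = {
    "trust", "reject", "md5", "password", "scram-sha-256", "gss", "sspi",
    "ident", "peer", "ldap", "radius", "cert", "pam", "bsd",
}

# Methods under which the PostgreSQL server receives the user's cleartext
# password. "ldap" is the case discussed in the thread; "password" is the
# plain cleartext method. Kerberos ("gss") and client certificates ("cert"),
# the alternatives recommended above, are not in this set.
CLEARTEXT_TO_SERVER = {"ldap", "password"}

# Matches ldapbindpasswd=value, where value may be "double quoted",
# 'single quoted' or a bare token.
_BINDPW_RE = re.compile(r'(ldapbindpasswd=)("[^"]*"|\'[^\']*\'|\S+)')


def parse_hba_line(line):
    """Parse one pg_hba.conf record into a dict, or return None for
    comments, blank lines and records with no recognisable METHOD."""
    tokens = shlex.split(line, comments=True)
    if not tokens:
        return None
    # TYPE DATABASE USER [ADDRESS [NETMASK]] METHOD [OPTIONS]: the method is the
    # first known method name at index 3 or later.
    method_idx = next((i for i in range(3, len(tokens)) if tokens[i] in HBA_METHODS), None)
    if method_idx is None:
        return None
    options = {}
    for opt in tokens[method_idx + 1:]:
        name, _, value = opt.partition("=")
        options[name] = value
    return {"type": tokens[0], "method": tokens[method_idx], "options": options}


def audit_hba(lines):
    """Return a list of findings, one per record that has at least one issue."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        rec = parse_hba_line(line)
        if rec is None:
            continue
        issues = []
        if rec["method"] in CLEARTEXT_TO_SERVER:
            issues.append("server receives the user's cleartext password "
                          f"(method={rec['method']})")
        opts = rec["options"]
        if rec["method"] == "ldap":
            if "ldapbindpasswd" in opts:
                issues.append("ldapbindpasswd stored in pg_hba.conf; it is exposed "
                              "if the matched line is written to the log")
            tls_ok = (opts.get("ldaptls") == "1"
                      or opts.get("ldapscheme") == "ldaps"
                      or opts.get("ldapurl", "").lower().startswith("ldaps://"))
            if not tls_ok:
                issues.append("no ldaptls=1 / ldapscheme=ldaps: passwords reach "
                              "the LDAP server unencrypted")
        if issues:
            findings.append({"line_no": line_no, "method": rec["method"], "issues": issues})
    return findings


def redact_bind_password(text):
    """Replace any ldapbindpasswd value in text (config or log) with a marker."""
    return _BINDPW_RE.sub(r"\1[REDACTED]", text)


# Constructed pg_hba.conf sample: three methods that keep the password off the
# PostgreSQL server, and one ldap search+bind line carrying a bind password.
HBA_SAMPLE = """\
# TYPE  DATABASE  USER  ADDRESS     METHOD  [OPTIONS]
local   all       all               peer
hostssl all       all   10.0.0.0/8  cert
host    all       all   10.0.0.0/8  gss     include_realm=0 krb_realm=EXAMPLE.COM
host    all       all   10.0.0.0/8  ldap    ldapserver=ldap.example.com ldapbasedn="dc=example,dc=com" ldapbinddn="cn=pg,dc=example,dc=com" ldapbindpasswd="s3cret pass" ldapsearchattribute=uid
"""

# Constructed log lines; the DETAIL wording is an assumption for the example.
LOG_SAMPLE = [
    'FATAL:  LDAP authentication failed for user "alice"',
    'DETAIL:  Connection matched pg_hba.conf line 5: "host all all 10.0.0.0/8 ldap '
    'ldapserver=ldap.example.com ldapbindpasswd="s3cret pass" ldapsearchattribute=uid"',
]

if __name__ == "__main__":
    for f in audit_hba(HBA_SAMPLE.splitlines()):
        print(f"pg_hba.conf line {f['line_no']} ({f['method']}):")
        for issue in f["issues"]:
            print("  -", issue)
    print("\nredacted log:")
    for entry in LOG_SAMPLE:
        print(" ", redact_bind_password(entry))
```

Run it against a real pg_hba.conf with `audit_hba(open("/path/to/pg_hba.conf").read().splitlines())`; `redact_bind_password` is meant for a log shipper or post-processing step so that a bind password that does reach the log does not also reach the log aggregator.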
