From: | David Fetter <david(at)fetter(dot)org> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | PostgreSQL Development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Increase psql's password buffer size |
Date: | 2020-01-20 19:21:41 |
Message-ID: | 20200120192141.GW32763@fetter.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Mon, Jan 20, 2020 at 07:44:25PM +0100, David Fetter wrote:
> On Mon, Jan 20, 2020 at 01:12:35PM -0500, Tom Lane wrote:
> > David Fetter <david(at)fetter(dot)org> writes:
> > > At least two cloud providers are now stuffing large amounts of
> > > information into the password field. This change makes it possible to
> > > accommodate that usage in interactive sessions.
> >
> > Like who?
>
> AWS and Azure are two examples I know of.
>
> > It seems like a completely silly idea. And if 2K is sane, why not
> > much more?
>
> Good question. Does it make sense to rearrange these things so they're
> allocated at runtime instead of compile time?
>
> > (I can't say that s/100/2048/ in one place is a particularly evil
> > change; what bothers me is the likelihood that there are other
> > places that won't cope with arbitrarily long passwords. Not all of
> > them are necessarily under our control, either.)
>
> I found one that is, so please find attached the next revision of the
> patch.
I found another place that assumes 100 bytes and upped it to 2048.
Best,
David.
--
David Fetter <david(at)fetter(dot)org> http://fetter.org/
Phone: +1 415 235 3778
Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate
Attachment | Content-Type | Size |
---|---|---|
v3-0001-Increase-psql-s-password-buffer-size.patch | text/x-diff | 1.8 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2020-01-20 19:38:02 | Re: Increase psql's password buffer size |
Previous Message | Andres Freund | 2020-01-20 19:13:05 | Re: error context for vacuum to include block number |