| From: | Heikki Linnakangas <hlinnakangas(at)vmware(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net>, dlo(at)isam(dot)kiwi |
| Cc: | pgsql-bugs(at)postgresql(dot)org, pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org> |
| Subject: | Re: [BUGS] BUG #10250: pgAdmin III 1.16.1 stores unescaped plaintext password |
| Date: | 2014-05-07 20:51:26 |
| Message-ID: | 536A9CCE.9030006@vmware.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers pgsql-bugs |
(forwarding to pgadmin-hackers)
On 05/07/2014 06:44 PM, Stephen Frost wrote:
> * dlo(at)isam(dot)kiwi (dlo(at)isam(dot)kiwi) wrote:
>> but when the credential contains the delimiter (colon) it fails to be
>> read back out and app responds with "invalid credentials".
>>
>> x.x.x.x:5432:*:username:password:with:colons
>
> Per the fine documentation, you need to escape any such usage with a
> backslash. Please review:
Stephen, you missed the context. pgadmin3 saves .pgpass, when you check
the "store password" checkbox in the connection dialog. And apparantly
pgadmin3 doesn't do that escaping properly.
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2014-05-08 00:07:26 | Re: BUG #10250: pgAdmin III 1.16.1 stores unescaped plaintext password |
| Previous Message | Guillaume Lelarge | 2014-05-07 19:42:05 | New refresh action on views |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2014-05-07 21:42:19 | Re: BUG #10256: COUNT(*) behaves sort of like RANK() when used over a window containing an ORDER BY |
| Previous Message | Tom Lane | 2014-05-07 20:28:43 | Re: BUG #10255: CREATE COLLATION bug on 9.4 |