From: | "Joe Moyle" <jmoyle(at)paymetric(dot)com> |
---|---|
To: | <pgadmin-support(at)postgresql(dot)org> |
Subject: | Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text |
Date: | 2007-05-23 14:52:40 |
Message-ID: | 8B1D2F832D92D84BB2C583614AAD7C09034D7CDD@pmmail02.paymetric.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgadmin-support |
I'm working on my first PostgreSQL project. We are attempting a proof
of concept. I'm using PGAdmin 3 v1.6.2 on a Windows XP Pro workstation.
I like the option to 'Save Password' because I'm generally lazy and
don't want to type in the password every time I log on.
While doing some poking around I discovered that the passwords in the
pgpass.conf file are stored in plain text. I consider this a bug.
Being new to PGS and not fully understanding all the implications I set
up my database to use MD5 for password encryption. So, I attempted to
replace the plain text password in pgpass.conf with the MD5 encrypted
one hoping that PGA3 would see the MD5 as the first few characters and
realize that it didn't have to encrypt the password before sending it to
the server. No such luck.
I searched the Known Issues and didn't see this listed as a problem. I
searched the TODO list and didn't see any mention of this problem. I
realize that the work around is to simply not make use of the 'store
password' option but then I can't help but wonder why the 'store
password' option exists in the product.
Would the 'powers that be' list this as a bug and add it to the TODO
list?
Joe Moyle
Sr. DBA
Office (713) 895-2055
Fax (713) 895-2001
JMoyle(at)Paymetric(dot)com
From | Date | Subject | |
---|---|---|---|
Next Message | yoursoft | 2007-05-23 15:17:44 | Re: Bug Report - PGAdmin3 windows pgpass.conf passwords stored in plain text |
Previous Message | Luca Ferrari | 2007-05-23 11:40:33 | Re: pgAdmin III 1.6.3 for ubuntu feisty uploaded. |