From: | Dave Cramer <davecramer(at)postgres(dot)rocks> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org>, Joe Conway <mail(at)joeconway(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Password leakage avoidance |
Date: | 2024-01-03 13:59:50 |
Message-ID: | CADK3HHJM47AtOfw3bMDzCyJqXsc56xWDqjQWb+J+wUqNJbv9OQ@mail.gmail.com |
Lists: | pgsql-hackers |
On Wed, 3 Jan 2024 at 08:53, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> On Sun, Dec 24, 2023 at 12:06 PM Jonathan S. Katz <jkatz(at)postgresql(dot)org>
> wrote:
> > We're likely to have new algorithms in the future, as there is a draft
> > RFC for updating the SCRAM hashes, and already some regulatory bodies
> > are looking to deprecate SHA256. My concern with relying on the
> > "encrypted_password" GUC (which is why PQencryptPasswordConn takes
> > "conn") makes it any easier for users to choose the algorithm, or if
> > they need to rely on the server/session setting.
>
> Yeah, I agree. It doesn't make much sense to me to propose that a GUC,
> which is a server-side setting, should control client-side behavior.
>
> Also, +1 for the general idea. I don't think this is a whole answer to
> the problem of passwords appearing in log files because (1) you have
> to be using libpq in order to make use of this

JDBC has it as of yesterday. I would imagine other clients will implement it.

Dave Cramer
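As an added example (not code from this thread, libpq or the JDBC driver), this is the client-side step the discussion is about: building the SCRAM-SHA-256 verifier locally so that the ALTER ROLE statement, and therefore the server log, carries only the verifier and never the plaintext. The function names are my own; SASLprep normalisation of the password is omitted for brevity.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

SCRAM_ITERATIONS = 4096   # PostgreSQL's default scram_iterations
SALT_LEN = 16             # PostgreSQL uses a 16-byte random salt


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode()


def scram_sha256_verifier(password: str, salt: Optional[bytes] = None,
                          iterations: int = SCRAM_ITERATIONS) -> str:
    """Derive 'SCRAM-SHA-256$<iter>:<salt>$<StoredKey>:<ServerKey>' (RFC 7677 keys),
    the same shape the server stores in pg_authid.rolpassword."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    return f"SCRAM-SHA-256${iterations}:{_b64(salt)}${_b64(stored_key)}:{_b64(server_key)}"


def verify_password(verifier: str, password: str) -> bool:
    """Recompute StoredKey from the stored salt/iterations, as the server does at login."""
    scheme, rest = verifier.split("$", 1)
    if scheme != "SCRAM-SHA-256":
        raise ValueError("unsupported verifier scheme")
    params, keys = rest.split("$")
    iterations, salt_b64 = params.split(":")
    stored_b64, _server_b64 = keys.split(":")
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 base64.b64decode(salt_b64), int(iterations))
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    return hmac.compare_digest(hashlib.sha256(client_key).digest(),
                               base64.b64decode(stored_b64))


def alter_role_sql(role: str, verifier: str) -> str:
    """The statement a client sends: it contains the verifier, not the password."""
    return 'ALTER ROLE "{}" PASSWORD \'{}\''.format(role.replace('"', '""'), verifier)
```

Because the verifier contains a fresh random salt, two calls for the same password produce different strings; the server accepts either at login.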