[BUGS] BUG #14600: Passwords in user mappings leaked by psql \deu+ command

From: Feike Steenbergen <feikesteenbergen(at)gmail(dot)com>
To: PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>
Subject: [BUGS] BUG #14600: Passwords in user mappings leaked by psql \deu+ command
Date: 2017-03-31 18:21:23
Message-ID: CAK_s-G2gaYLCu3j10-EGxngUXzFOp9O+TyBv1-Xj4fyYKJ9fPA@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Forwarding message from pgsql-bugs for review

Attached a patch which copies the logic from commit
93a6be63a55a8cd0d73b3fa81eb6a46013a3a974.

In the current implementation we only consider privileges of the foreign
server
in determining whether or not to show the user mapping details. This patch
copies the same logic (and documentation) used in commit
93a6be63a55a8cd0d73b3fa81eb6a46013a3a974 to not always show the user mapping
options.

regards,

Feike

Attachment Content-Type Size
user_mappings_leak.patch application/octet-stream 1.7 KB

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2017-03-31 18:23:31 Re: Somebody has not thought through subscription locking considerations
Previous Message Magnus Hagander 2017-03-31 18:19:53 Re: bumping HASH_VERSION to 3