From: | Guillaume Lelarge <guillaume(dot)lelarge(at)dalibo(dot)com> |
---|---|
To: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
Subject: | Re: Add a warning message when using unencrypted passwords |
Date: | 2025-02-27 07:39:58 |
Message-ID: | c030f301-8f9d-4d0c-bd73-f07a2da70fa0@dalibo.com |
Lists: | pgsql-hackers |
On 04/02/2025 19:14, Guillaume Lelarge wrote:
> On 04/02/2025 17:59, Tom Lane wrote:
>> Guillaume Lelarge <guillaume(dot)lelarge(at)dalibo(dot)com> writes:
>>> v2 is attached.
>>
>> This seems pretty much entirely useless to me. The password
>> has already been leaked to the log (*and* the network, if
>> session is unencrypted), so what's the point of a warning?
>> And as already noted, this ignores several other hazards of
>> the same sort, so it's more likely to create a false sense of
>> security than anything else.
>>
>> (In addition to the points noted, what of event triggers?
>> Or ~/.psql_history?)
>>
>
> I agree that the warning itself doesn't make the password secure. But it
> never pretends to do that. If I, as a user, see a message like this, my
> next move will be to search for a way to change my password in a secure
> way.
>
> Warning users won't save everyone, but it may help some. Doing nothing
> helps no one.
>
FWIW, I just set my patch to the "Withdrawn" status on the commitfest
app. Greg's patch is pretty much the same and offers more options; I
reviewed it, and it has my vote.
--
Guillaume Lelarge
Consultant
https://dalibo.com
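The thread contrasts sending the cleartext password inside the ALTER ROLE text (where log_statement, a network capture or ~/.psql_history would keep it) with changing it "in a secure way", which in PostgreSQL means computing the SCRAM-SHA-256 verifier on the client, as psql's \password and libpq's PQencryptPasswordConn do, so only the verifier ever appears in the statement. The example below is added here and is not code from the thread or from either patch; it rebuilds that verifier derivation in Python with a constructed role name, password and fixed salt, and shows that the pre-hashed statement text no longer contains the password while still letting the server check a candidate against the stored keys.

```python
import base64
import hashlib
import hmac
import os
import re
from typing import Optional

# Constructed sample values; nothing here comes from the thread.
ITERATIONS = 4096                # PostgreSQL's default SCRAM iteration count
SAMPLE_SALT = bytes(range(16))   # fixed only so results are reproducible; use os.urandom(16) for real roles
SAMPLE_PASSWORD = "correct horse battery staple"

VERIFIER_RE = re.compile(
    r"^SCRAM-SHA-256\$(\d+):([A-Za-z0-9+/=]+)\$([A-Za-z0-9+/=]+):([A-Za-z0-9+/=]+)$"
)


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def scram_sha256_verifier(password: str, salt: bytes, iterations: int = ITERATIONS) -> str:
    """Derive the string PostgreSQL stores in pg_authid.rolpassword for a
    SCRAM-SHA-256 role: SCRAM-SHA-256$<iter>:<salt>$<StoredKey>:<ServerKey>
    (binary fields base64). Assumes the password is already SASLprep-normalised,
    which is trivially true for ASCII passwords."""
    salted = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    return f"SCRAM-SHA-256${iterations}:{_b64(salt)}${_b64(stored_key)}:{_b64(server_key)}"


def password_matches(verifier: str, candidate: str) -> bool:
    """Recompute StoredKey from a candidate and compare in constant time: the
    verifier lets the server check a password without ever holding its cleartext."""
    m = VERIFIER_RE.match(verifier)
    if not m:
        raise ValueError("not a SCRAM-SHA-256 verifier")
    iterations = int(m.group(1))
    salt = base64.b64decode(m.group(2))
    stored_key = base64.b64decode(m.group(3))
    salted = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    return hmac.compare_digest(hashlib.sha256(client_key).digest(), stored_key)


def quote_ident(name: str) -> str:
    """Minimal SQL identifier quoting for the role name."""
    return '"' + name.replace('"', '""') + '"'


def alter_role_cleartext(role: str, password: str) -> str:
    """The form the proposed warning targets: the cleartext rides inside the SQL text."""
    escaped = password.replace("'", "''")
    return f"ALTER ROLE {quote_ident(role)} PASSWORD '{escaped}'"


def alter_role_prehashed(role: str, password: str, salt: Optional[bytes] = None) -> str:
    """Client-side hashing: the server only ever sees (and logs) the verifier."""
    verifier = scram_sha256_verifier(password, salt if salt is not None else os.urandom(16))
    return f"ALTER ROLE {quote_ident(role)} PASSWORD '{verifier}'"


def leaks_cleartext(statement_text: str, password: str) -> bool:
    """Models what log_statement = 'all', a network capture or psql history would retain."""
    return password in statement_text


if __name__ == "__main__":
    for stmt in (alter_role_cleartext("app_user", SAMPLE_PASSWORD),
                 alter_role_prehashed("app_user", SAMPLE_PASSWORD, SAMPLE_SALT)):
        print(("LEAKS" if leaks_cleartext(stmt, SAMPLE_PASSWORD) else "safe ") + ": " + stmt)
```

PostgreSQL stores a password literal that is already in SCRAM format as-is, so the pre-hashed statement works against any password_encryption setting; the cleartext form is what the server would have to hash itself, after the statement text has already been logged and transmitted.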