From: | Peter Eisentraut <peter(at)eisentraut(dot)org> |
---|---|
To: | Joe Conway <mail(at)joeconway(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org> |
Cc: | Dave Cramer <davecramer(at)postgres(dot)rocks> |
Subject: | Re: Password leakage avoidance |
Date: | 2023-12-27 20:39:48 |
Message-ID: | ece799b9-f90f-411b-b5d9-9df430fc2974@eisentraut.org |
Lists: | pgsql-hackers |

On 23.12.23 16:13, Joe Conway wrote:
> I have recently, once again for the umpteenth time, been involved in
> discussions around (paraphrasing) "why does Postgres leak the passwords
> into the logs when they are changed". I know well that the canonical
> advice is something like "use psql with \password if you care about that".
>
> And while that works, it is a deeply unsatisfying answer for me to give
> and for the OP to receive.
>
> The alternative is something like "...well if you don't like that, use
> PQencryptPasswordConn() to roll your own solution that meets your
> security needs".
>
> Again, not a spectacular answer IMHO. It amounts to "here is a
> do-it-yourself kit, go put it together". It occurred to me that we can,
> and really should, do better.
>
> The attached patch set moves the guts of \password from psql into the
> libpq client side -- PQchangePassword() (patch 0001).
>
> The usage in psql serves as a ready built-in test for the libpq function
> (patch 0002). Docs included too (patch 0003).

I don't follow how you get from the problem statement to this solution.
This proposal doesn't avoid password leakage, does it? It just provides
a different way to phrase the existing solution. Who is a potential
user of this solution? Right now it just saves a dozen lines in psql,
but it's not clear how it improves anything else.