| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Steven Siebert <smsiebe(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: BUG #10680 - ldapbindpasswd leaks to postgresql log |
| Date: | 2014-06-18 02:50:54 |
| Message-ID: | 25606.1403059854@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Steven Siebert <smsiebe(at)gmail(dot)com> writes:
> Attached is a proposed patch for BUG #10680.
> It's a simple fix to the problem of the ldapbindpasswd leaking in
> clear text to the postgresql log. The patch simply removes the raw
> pg_hba.conf line from the log message, but retains the log line number
> to assist admins in troubleshooting.
You haven't exactly explained why this is a problem. The proposed patch
would impede diagnosing of many other problems, so it's not going to get
committed without a thoroughly compelling rationale.
Hint: "I don't store my postmaster log securely" is not compelling.
We've been over that ground before; there are far too many reasons
why access to the postmaster log is a potential security hazard
to justify concluding that this particular one is worse.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | xbzhang | 2014-06-18 03:21:20 | Re: How to implement the skip errors for copy from ? |
| Previous Message | Stephen Frost | 2014-06-18 02:25:13 | Re: API change advice: Passing plan invalidation info from the rewriter into the planner? |