| From: | Steven Siebert <smsiebe(at)gmail(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | BUG #10680 - ldapbindpasswd leaks to postgresql log |
| Date: | 2014-06-18 01:33:43 |
| Message-ID: | CAC3nzegvhPj8+9buY83JESqB+FQY3d8eM2TvRKw2Dp=czui70A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hello,
Attached is a proposed patch for BUG #10680.
It's a simple fix to the problem of the ldapbindpasswd leaking in
clear text to the postgresql log. The patch simply removes the raw
pg_hba.conf line from the log message, but retains the log line number
to assist admins in troubleshooting.
The patch is against the master branch and compiles/tests green.
Please let me know if there is anything I can do to get this worked
into the next (or perhaps current?) commit fest. This is a critical
issue for us to meet government accreditation (security) requirements.
Thanks,
Steve
| Attachment | Content-Type | Size |
|---|---|---|
| bug_10680_v1.patch | application/octet-stream | 552 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Abhijit Menon-Sen | 2014-06-18 01:43:39 | Re: [REVIEW] Re: Compression of full-page-writes |
| Previous Message | Peter Geoghegan | 2014-06-18 01:18:23 | Re: Doing better at HINTing an appropriate column within errorMissingColumn() |