Home > mailing lists

Re: I "might" have found a bug on 8.2.1 win32 - Mailing list pgsql-general

From	Magnus Hagander
Subject	Re: I "might" have found a bug on 8.2.1 win32
Date	February 1, 2007 22:12:07
Msg-id	20070201231156.GB18987@svr2.hagander.net Whole thread Raw
In response to	Re: I "might" have found a bug on 8.2.1 win32 ("Dave Page" <dpage@postgresql.org>)
List	pgsql-general

Tree view

On Thu, Feb 01, 2007 at 09:53:26PM -0000, Dave Page wrote:
> > Not to mention that the whole pgpass thing is a huge security hole, it
> > would be different if the passwords where encrypted or hashed, but they
> > are just sitting there in plain text.
>
> In an 0600 file on *nix, or in your profile on Windows, which if you were concerned with security would be secured as
well.

Not to mention it's secured by default, and you'd actually have to go
out of your way to make it *unsecure*.

(Yes, one common way to make it unsecure is to make every local user an
administrator is a comon way to break it, but if you do that you have so
many other ways ot hack that system it doesn' tmake a real difference)

//Magnus

pgsql-general by date:

From: Scott Marlowe
Date: 01 February 2007, 22:11:55
Subject: Re: Production systems beware: U.S. Daylight Savings Time comes at a new time this year

From: Magnus Hagander
Date: 01 February 2007, 22:15:51
Subject: Re: I "might" have found a bug on 8.2.1 win32

Re: I "might" have found a bug on 8.2.1 win32 - Mailing list pgsql-general

Previous

Next