Re: BUG #16079: Question Regarding the BUG #16064 - Mailing list pgsql-bugs

From Stephen Frost
Subject Re: BUG #16079: Question Regarding the BUG #16064
Date
Msg-id 20191203201002.GQ6962@tamriel.snowman.net
Whole thread Raw
In response to Re: BUG #16079: Question Regarding the BUG #16064  (Magnus Hagander <magnus@hagander.net>)
List pgsql-bugs
Greetings,

* Magnus Hagander (magnus@hagander.net) wrote:
> On Fri, Nov 15, 2019 at 5:42 AM Thomas Munro <thomas.munro@gmail.com> wrote:
>
> > On Tue, Oct 29, 2019 at 4:48 AM Stephen Frost <sfrost@snowman.net> wrote:
> > > Uh, the user's credentials certainly are sent to the PG server.
> >
> > Perhaps we should log a warning when PostgreSQL has received a
> > password over the network without SSL.  Perhaps we should log another
> > warning when PostgreSQL has sent a password over the network without
> > SSL.
>
> For the old plaintext "password" method, we log a warning when we parse the
> configuration file.
>
> Maybe we should do the same for LDAP (and RADIUS)? This seems like a better
> place to put it than to log it at every time it's received?

Seems like a reasonable approach to me though we should probably also
include details in the documentation around what this warning means,
exactly, since we probably can't write the full paragraph or more that
we'd need to inside the warning itself.

Sorry though... where do we log that warning you're talking about wrt
the 'password' method?  I just started a 13devel with 'password'
configured in pg_hba.conf and didn't see any warnings...

(commit b5273943679d22f58f1e1e269ad75e791172f557)

I'm all for adding a warning when any of these methods is used, maybe
with an optional override of "yes, I know this is bad but I don't care".

Thanks,

Stephen
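
The check the thread is circling, carried out as an added example (this is not code from the PostgreSQL project or from anyone in this thread): a Python scan over a pg_hba.conf that flags the entries where the client's password crosses the network in clear text, i.e. the 'password', 'ldap' and 'radius' methods on a 'host' or 'hostnossl' line. 'hostssl' and 'hostgssenc' lines are exempt because the channel is encrypted, 'local' lines never touch the network, and treating 'hostnogssenc' like plain 'host' is my assumption. The sample pg_hba.conf is constructed for the example.

```python
"""Flag pg_hba.conf entries that exchange a clear-text password over an
unencrypted TCP connection (added example, not PostgreSQL project code)."""

# Methods named in the thread as sending the password in clear text to the
# server.  'pam' and 'bsd' exchange a clear-text password too and could be
# added here.
CLEARTEXT_METHODS = {"password", "ldap", "radius"}

# Connection types that can carry a session without SSL.  Treating
# 'hostnogssenc' like 'host' is an assumption of this example.
UNENCRYPTED_TYPES = {"host", "hostnossl", "hostnogssenc"}

# Constructed sample configuration.  Line 4 gives the netmask as a separate
# field, which shifts the position of the method.
SAMPLE_HBA = """\
# TYPE     DATABASE  USER  ADDRESS         METHOD
local      all       all                   peer
host       all       all   127.0.0.1/32    scram-sha-256
host       all       all   10.0.0.0        255.0.0.0   password
hostssl    all       all   0.0.0.0/0       ldap ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"
host       all       all   ::/0            radius radiusservers="10.0.0.5" radiussecrets="s3cret"
hostnossl  all       all   192.168.1.0/24  ldap ldapurl="ldap://ldap.example.net/dc=example,dc=net?uid?sub"
hostgssenc all       all   0.0.0.0/0       password
"""


def _looks_like_netmask(field):
    """A netmask field starts with a digit (IPv4) or contains ':' (IPv6);
    method names never do either."""
    return field[0].isdigit() or ":" in field


def parse_hba(text):
    """Return one dict per auth entry: line number, connection type, method.

    Comments and blank lines are skipped.  A '#' inside a quoted option value
    is not handled, which is fine here because only the method field matters.
    """
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        ctype = fields[0].lower()
        if ctype == "local":
            method_idx = 3                      # local DATABASE USER METHOD
        elif ctype.startswith("host"):
            method_idx = 4                      # host DATABASE USER ADDRESS METHOD
            if len(fields) > 4 and _looks_like_netmask(fields[4]):
                method_idx = 5                  # host DATABASE USER IP MASK METHOD
        else:
            continue                            # include directives, unknown types
        if len(fields) <= method_idx:
            continue                            # malformed entry, nothing to judge
        entries.append({"lineno": lineno, "type": ctype,
                        "method": fields[method_idx].lower(), "raw": line})
    return entries


def find_cleartext_over_network(text):
    """Entries whose method sends a clear-text password on a connection type
    that may or must be unencrypted."""
    return [e for e in parse_hba(text)
            if e["type"] in UNENCRYPTED_TYPES and e["method"] in CLEARTEXT_METHODS]


def warnings_for(text):
    """Human-readable warnings, one per offending entry.  'hostnossl' is
    reported as unconditionally clear text; 'host' only when the client does
    not negotiate SSL."""
    msgs = []
    for e in find_cleartext_over_network(text):
        if e["type"] == "hostnossl":
            why = "always crosses the network in clear text"
        else:
            why = "crosses the network in clear text unless the client negotiates SSL"
        msgs.append(f"line {e['lineno']}: {e['type']} entry uses '{e['method']}'; "
                    f"the password {why}")
    return msgs


if __name__ == "__main__":
    for msg in warnings_for(SAMPLE_HBA):
        print("WARNING:", msg)
```

Run against the sample, it reports lines 4, 6 and 7 and stays quiet about the 'hostssl' LDAP entry and the 'hostgssenc' password entry. The same parse could be turned into a hard failure instead of a warning if one wants the "yes, I know this is bad" override to be an explicit flag rather than the default.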
