Home > mailing lists

Re: explicit_bzero for sslpassword - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: explicit_bzero for sslpassword
Date	May 20, 2020 08:56:50
Msg-id	20200520055650.GD2355@paquier.xyz Whole thread Raw
In response to	explicit_bzero for sslpassword (Daniel Gustafsson <daniel@yesql.se>)
Responses	Re: explicit_bzero for sslpassword (Peter Eisentraut <peter.eisentraut@2ndquadrant.com>)
List	pgsql-hackers

Tree view

On Tue, May 19, 2020 at 02:33:40PM +0200, Daniel Gustafsson wrote:
> Since commit 74a308cf5221f we use explicit_bzero on pgpass and connhost
> password in libpq, but not sslpassword which seems an oversight.  The attached
> performs an explicit_bzero before freeing like the pattern for other password
> variables.

Good catch, let's fix that.  I would like to apply your suggested fix,
but let's see first if others have any comments.
--
Michael

Attachment

signature.asc

pgsql-hackers by date:

From: Michael Paquier
Date: 20 May 2020, 08:38:38
Subject: Re: SyncRepLock acquired exclusively in default configuration

From: Michael Paquier
Date: 20 May 2020, 10:03:26
Subject: Re: Expand the use of check_canonical_path() for more GUCs

Re: explicit_bzero for sslpassword - Mailing list pgsql-hackers

Attachment

Previous

Next