Home > mailing lists

Re: pgsql: Let installcheck-world pass against a server requiring a passwor - Mailing list pgsql-committers

From	Tom Lane
Subject	Re: pgsql: Let installcheck-world pass against a server requiring a passwor
Date	June 20, 2014 06:00:31
Msg-id	25848.1403230866@sss.pgh.pa.us Whole thread Raw
In response to	pgsql: Let installcheck-world pass against a server requiring a passwor (Noah Misch <noah@leadboat.com>)
Responses	Re: pgsql: Let installcheck-world pass against a server requiring a passwor
List	pgsql-committers

Tree view

Noah Misch <noah@leadboat.com> writes:
> Let installcheck-world pass against a server requiring a password.
> Give passwords to each user created in support of an ECPG connection
> test case.  Use SET SESSION AUTHORIZATION, not a fresh connection, to
> reduce privileges during a dblink test case.

Hm ... is this reasonably secure?  It seems like it's creating user
accounts with well-known passwords.  The accounts might not be there
for long, but still, I'm not sure I'd care to run this against an
installed server on a machine with hostile users present.

(The problem might have been there even before your patch, but that
doesn't mean it's not a problem.)

            regards, tom lane

pgsql-committers by date:

From: Tom Lane
Date: 20 June 2014, 05:15:34
Subject: pgsql: Avoid leaking memory while evaluating arguments for a table func

From: Noah Misch
Date: 20 June 2014, 06:02:28
Subject: Re: pgsql: Let installcheck-world pass against a server requiring a passwor

Re: pgsql: Let installcheck-world pass against a server requiring a passwor - Mailing list pgsql-committers

Previous

Next