Re: Change authentication error message (patch) - Mailing list pgsql-hackers

From Markus Wanner
Subject Re: Change authentication error message (patch)
Date
Msg-id 51C2A574.9060904@bluegap.ch
In response to Re: Change authentication error message (patch)  (Jeff Janes <jeff.janes@gmail.com>)
Responses Re: Change authentication error message (patch)
List pgsql-hackers
On 06/20/2013 12:51 AM, Jeff Janes wrote:
> I think we need to keep the first "password".  "Password authentication"
> is a single thing, it is the authentication method attempted.  It is the
> password method (which includes MD5) which failed, as opposed to the
> LDAP method or the Peer method or one of the other methods.

That's against the rule of not revealing any more knowledge than a
potential attacker already has, no? For that reason, I'd rather go with
just "authentication failed".

> Without this level of explicitness, it might be hard to figure out which
> row in pg_hba.conf was the one that PostgreSQL glommed onto to use for
> authentication.

As argued before, that should go into the logs for diagnosis by the
sysadmin, but should not be revealed to an attacker.

Regards

Markus Wanner
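
Added illustration of the split argued for above (written for this page, not PostgreSQL's own code): the client gets one uniform failure message whatever the cause, while the server log records the matched pg_hba.conf line and method for the sysadmin. The HbaRule class, the sample rules, the first-match lookup and the credential_ok flag are constructed assumptions standing in for the real server's logic.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class HbaRule:
    line_no: int
    conn_type: str  # "local" or "host"
    database: str   # "all" or a database name
    user: str       # "all" or a role name
    address: str    # CIDR for "host" rules, "" for "local"
    method: str     # "peer", "md5", "ldap", "reject", ...

# Constructed sample pg_hba.conf (hypothetical, for illustration only).
HBA = [
    HbaRule(1, "local", "all", "all", "", "peer"),
    HbaRule(2, "host", "all", "all", "127.0.0.1/32", "md5"),
    HbaRule(3, "host", "app", "app", "10.0.0.0/8", "ldap"),
    HbaRule(4, "host", "all", "all", "0.0.0.0/0", "reject"),
]

def match_rule(rules, conn_type, database, user, address):
    """First matching line wins, as in pg_hba.conf; None if nothing matches."""
    for r in rules:
        if r.conn_type != conn_type:
            continue
        if r.database not in ("all", database) or r.user not in ("all", user):
            continue
        if conn_type == "host" and (ipaddress.ip_address(address)
                                    not in ipaddress.ip_network(r.address)):
            continue
        return r
    return None

def authenticate(rules, conn_type, database, user, address, credential_ok):
    """Return (accepted, client_message, server_log).

    credential_ok stands in for the outcome of the matched method (password
    check, LDAP bind, peer lookup ...). The client sees one uniform message on
    any failure; the method and the matched line go only to the server log.
    """
    rule = match_rule(rules, conn_type, database, user, address)
    client_msg = f'authentication failed for user "{user}"'
    if rule is None:
        return False, client_msg, [f'FATAL: no pg_hba.conf entry for {conn_type} '
                                   f'connection, user "{user}", database "{database}"']
    log = [f'Connection matched pg_hba.conf line {rule.line_no}: method "{rule.method}"']
    if rule.method != "reject" and credential_ok:
        return True, None, log + [f'connection authorized: user={user} database={database}']
    log.append(f'FATAL: {rule.method} authentication failed for user "{user}"')
    return False, client_msg, log
```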