Home > mailing lists

Re: BUG #16079: Question Regarding the BUG #16064 - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: BUG #16079: Question Regarding the BUG #16064
Date	December 21, 2020 21:31:32
Msg-id	543836.1608575492@sss.pgh.pa.us Whole thread Raw
In response to	Re: BUG #16079: Question Regarding the BUG #16064 (Jeff Janes <jeff.janes@gmail.com>)
Responses	Re: BUG #16079: Question Regarding the BUG #16064
List	pgsql-hackers

Tree view

Jeff Janes <jeff.janes@gmail.com> writes:
> On Sun, Dec 20, 2020 at 7:58 PM Stephen Frost <sfrost@snowman.net> wrote:
>> * Magnus Hagander (magnus@hagander.net) wrote:
>>> Maybe we should do the same for LDAP (and RADIUS)? This seems like a
>>> better place to put it than to log it at every time it's received?

>> A dollar short and a year late, but ... +1.

> I would suggest going further.  I would make the change on the client side,
> and have libpq refuse to send unhashed passwords without having an
> environment variable set which allows it.

As noted, that would break LDAP and RADIUS auth methods; likely also PAM.

> What is the value of logging on the server side?

I do agree with this point, but mostly on the grounds of "nobody reads
the server log".

            regards, tom lane

pgsql-hackers by date:

From: Pavel Stehule
Date: 21 December 2020, 21:26:14
Subject: Re: bad dependency in pg_dump output related to support function breaks binary upgrade

From: Stephen Frost
Date: 21 December 2020, 21:35:11
Subject: Re: BUG #16079: Question Regarding the BUG #16064

Re: BUG #16079: Question Regarding the BUG #16064 - Mailing list pgsql-hackers

Previous

Next