Home > mailing lists

Re: BUG #16682: The pg_user_mapping table saves the plaintext password - Mailing list pgsql-bugs

From	Daniel Gustafsson
Subject	Re: BUG #16682: The pg_user_mapping table saves the plaintext password
Date	October 22, 2020 11:16:46
Msg-id	78BCA442-5AFB-40E4-B280-69D8EAF234EE@yesql.se Whole thread Raw
In response to	BUG #16682: The pg_user_mapping table saves the plaintext password (PG Bug reporting form <noreply@postgresql.org>)
Responses	Re: BUG #16682: The pg_user_mapping table saves the plaintext password (Michael Paquier <michael@paquier.xyz>)
List	pgsql-bugs

Tree view

> On 22 Oct 2020, at 09:14, PG Bug reporting form <noreply@postgresql.org> wrote:

> Whether the plaintext password in this system table system view has security
> risks, is it considered a security vulnerability？

This is as intended, and documented on the pg_user_mapping catalog
description and the pg_user_mappings view:

  https://www.postgresql.org/docs/12/catalog-pg-user-mapping.html
  https://www.postgresql.org/docs/12/view-pg-user-mappings.html

The umoptions field is not visible to restricted users.

cheers ./daniel

pgsql-bugs by date:

From: PG Bug reporting form
Date: 22 October 2020, 10:14:06
Subject: BUG #16682: The pg_user_mapping table saves the plaintext password

From: Tom Lane
Date: 22 October 2020, 17:01:57
Subject: Re: BUG #16329: Valgrind detects an invalid read when building a gist index with buffering

Re: BUG #16682: The pg_user_mapping table saves the plaintext password - Mailing list pgsql-bugs

Previous

Next