Re: rolcanlogin vs. the flat password file - Mailing list pgsql-hackers

From Michael Glaesemann
Subject Re: rolcanlogin vs. the flat password file
Date
Msg-id AEBA712F-F88F-469A-926B-8347E2497C63@seespotcode.net
In response to rolcanlogin vs. the flat password file  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: rolcanlogin vs. the flat password file
List pgsql-hackers
On Oct 14, 2007, at 14:34 , Tom Lane wrote:

> I am not entirely convinced whether we should do anything about this:
> the general theory on authentication failures is that you don't say much
> about exactly why it failed, so as to not give a brute-force attacker
> any info about whether he gave a valid userid or not.  So there's an
> argument to be made that the current behavior is what we want.  But
> I'm pretty sure that it wasn't intentionally designed to act this way.

Would there be a difference in how this is logged and how it's
reported to the user? I can see where an admin (having access to
logs) would want to have additional information such as whether a
role login has failed due to not having login privileges or whether
the failure was due to an incorrect role/password pair. I lean
towards less information back to the user as to the nature of the
failure. If the general consensus is to leave the current behavior, a
comment should probably be included to note that the behavior is
intentional.

Michael Glaesemann
grzm seespotcode net
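The split the reply asks about, a detailed reason for the administrator's log and a single generic message back to the client, as an added example that is not part of this thread or of PostgreSQL's own authentication code. The role table standing in for the flat password file, the PBKDF2 hashing scheme, and the names `authenticate`, `AuthResult` and `GENERIC_FAILURE` are all constructed for illustration. The function also does the same hash work for unknown roles so that a missing role is not distinguishable from a wrong password by response time:

```python
import hashlib
import hmac
import logging
from dataclasses import dataclass

# Constructed sample role table, standing in for the flat password file.
# Each entry carries a salt, a PBKDF2 hash of the password, and the
# rolcanlogin flag that the thread is discussing.
def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

_SALT = b"constructed-fixed-salt"  # a real system uses a per-role random salt
ROLES = {
    "alice": {"salt": _SALT, "hash": _hash("correct horse", _SALT), "rolcanlogin": True},
    "reporting": {"salt": _SALT, "hash": _hash("report-pass", _SALT), "rolcanlogin": False},
}
# Hashed once so that a lookup for a nonexistent role costs the same as a real one.
_DUMMY_HASH = _hash("dummy", _SALT)

# The only text that ever goes back over the wire on failure.
GENERIC_FAILURE = "authentication failed"

log = logging.getLogger("auth")


@dataclass
class AuthResult:
    ok: bool
    client_message: str  # what the client sees
    log_reason: str      # what the server log records for the admin


def authenticate(role: str, password: str) -> AuthResult:
    """Check role/password, logging the specific cause of any failure
    while returning one generic message to the client."""
    entry = ROLES.get(role)
    # Always do the hash comparison, even for unknown roles, so that
    # timing does not reveal whether the role exists.
    salt = entry["salt"] if entry else _SALT
    expected = entry["hash"] if entry else _DUMMY_HASH
    password_ok = hmac.compare_digest(_hash(password, salt), expected)

    if entry is None:
        reason = f'role "{role}" does not exist'
    elif not password_ok:
        reason = f'password authentication failed for role "{role}"'
    elif not entry["rolcanlogin"]:
        reason = f'role "{role}" is not permitted to log in (rolcanlogin is false)'
    else:
        log.info('role "%s" authenticated', role)
        return AuthResult(True, "authentication succeeded", "ok")

    # The distinguishing detail stays here, in the log.
    log.warning("%s", reason)
    return AuthResult(False, GENERIC_FAILURE, reason)


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(levelname)s %(message)s")
    for role, pw in [("alice", "correct horse"), ("alice", "wrong"),
                     ("reporting", "report-pass"), ("nobody", "x")]:
        r = authenticate(role, pw)
        print(f"{role!r}: client sees {r.client_message!r}")
```

Run stand-alone, the three failing cases all print the same client message while the log lines differ, which is the behaviour the reply describes: the admin reading the log can tell a disabled login apart from a bad password, the client cannot.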
