Home > mailing lists

BUG #10680 - ldapbindpasswd leaks to postgresql log - Mailing list pgsql-hackers

From	Steven Siebert
Subject	BUG #10680 - ldapbindpasswd leaks to postgresql log
Date	June 18, 2014 04:34:15
Msg-id	CAC3nzegvhPj8+9buY83JESqB+FQY3d8eM2TvRKw2Dp=czui70A@mail.gmail.com Whole thread Raw
Responses	Re: BUG #10680 - ldapbindpasswd leaks to postgresql log (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Hello,

Attached is a proposed patch for BUG #10680.

It's a simple fix to the problem of the ldapbindpasswd leaking in
clear text to the postgresql log.  The patch simply removes the raw
pg_hba.conf line from the log message, but retains the log line number
to assist admins in troubleshooting.

The patch is against the master branch and compiles/tests green.

Please let me know if there is anything I can do to get this worked
into the next (or perhaps current?) commit fest.  This is a critical
issue for us to meet government accreditation (security) requirements.

Thanks,

Steve

Attachment

bug_10680_v1.patch

pgsql-hackers by date:

From: Peter Geoghegan
Date: 18 June 2014, 04:18:27
Subject: Re: Doing better at HINTing an appropriate column within errorMissingColumn()

From: Abhijit Menon-Sen
Date: 18 June 2014, 04:43:45
Subject: Re: [REVIEW] Re: Compression of full-page-writes

BUG #10680 - ldapbindpasswd leaks to postgresql log - Mailing list pgsql-hackers

Attachment

Previous

Next