Re: Password leakage avoidance - Mailing list pgsql-hackers

From Dave Cramer
Subject Re: Password leakage avoidance
Date
Msg-id CADK3HHJM47AtOfw3bMDzCyJqXsc56xWDqjQWb+J+wUqNJbv9OQ@mail.gmail.com
Whole thread Raw
In response to Re: Password leakage avoidance  (Robert Haas <robertmhaas@gmail.com>)
List pgsql-hackers




On Wed, 3 Jan 2024 at 08:53, Robert Haas <robertmhaas@gmail.com> wrote:
On Sun, Dec 24, 2023 at 12:06 PM Jonathan S. Katz <jkatz@postgresql.org> wrote:
> We're likely to have new algorithms in the future, as there is a draft
> RFC for updating the SCRAM hashes, and already some regulatory bodies
> are looking to deprecate SHA256. My concern with relying on the
> "encrypted_password" GUC (which is why PQencryptPasswordConn takes
> "conn") makes it any easier for users to choose the algorithm, or if
> they need to rely on the server/session setting.

Yeah, I agree. It doesn't make much sense to me to propose that a GUC,
which is a server-side setting, should control client-side behavior.

Also, +1 for the general idea. I don't think this is a whole answer to
the problem of passwords appearing in log files because (1) you have
to be using libpq in order to make use of this

JDBC has it as of yesterday. I would imagine other clients will implement it.
Dave Cramer

pgsql-hackers by date:

Previous
From: Robert Haas
Date:
Subject: Re: Password leakage avoidance
Next
From: John Naylor
Date:
Subject: Re: [PoC] Improve dead tuple storage for lazy vacuum