Home > mailing lists

Re: [BUGS] BUG #14600: Passwords in user mappings leaked bypsql \deu+ command - Mailing list pgsql-hackers

From	Ashutosh Bapat
Subject	Re: [BUGS] BUG #14600: Passwords in user mappings leaked bypsql \deu+ command
Date	April 3, 2017 15:47:47
Msg-id	CAFjFpRf_Q_e61mEhmGh=_7WTXoa_VgKs=z_dHDRVmDMMeAQ91Q@mail.gmail.com Whole thread Raw
In response to	[BUGS] BUG #14600: Passwords in user mappings leaked by psql \deu+ command (Feike Steenbergen <feikesteenbergen@gmail.com>)
List	pgsql-hackers

Tree view

Please add this to 07/2017 commitfest. It looks like an existing leak, so, may not be considered as an open item for v10.

On Fri, Mar 31, 2017 at 11:51 PM, Feike Steenbergen <feikesteenbergen@gmail.com> wrote:

Forwarding message from pgsql-bugs for review

Attached a patch which copies the logic from commit
93a6be63a55a8cd0d73b3fa81eb6a46013a3a974.

In the current implementation we only consider privileges of the foreign server
in determining whether or not to show the user mapping details. This patch
copies the same logic (and documentation) used in commit
93a6be63a55a8cd0d73b3fa81eb6a46013a3a974 to not always show the user mapping
options.

regards,

Feike

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Best Wishes,
Ashutosh Bapat
EnterpriseDB Corporation
The Postgres Database Company

pgsql-hackers by date:

From: Ashutosh Bapat
Date: 03 April 2017, 15:13:45
Subject: Re: pg_partman 3.0.0 - real-world usage of nativepartitioning and a case for native default

From: Daniel Gustafsson
Date: 03 April 2017, 15:58:05
Subject: Refactoring identifier checks to consistently use strcmp

Re: [BUGS] BUG #14600: Passwords in user mappings leaked bypsql \deu+ command - Mailing list pgsql-hackers

Previous

Next