Re: BUG #18817: Security Bug Report: Plaintext Password Exposure in Logs - Mailing list pgsql-bugs

From Greg Sabino Mullane
Subject Re: BUG #18817: Security Bug Report: Plaintext Password Exposure in Logs
Date
Msg-id CAKAnmmJq_pfPw8xaZV8vBwXXb8nZdy12zULL7W560F9VZ+7RVQ@mail.gmail.com
In response to Re: BUG #18817: Security Bug Report: Plaintext Password Exposure in Logs  (Indrajeeth Deshmukh <bkindrajeeth@gmail.com>)
List pgsql-bugs
On Tue, Feb 18, 2025 at 9:17 AM Indrajeeth Deshmukh <bkindrajeeth@gmail.com> wrote:
> Thanks for sharing the details. It looks like a valid issue and has not been resolved yet. Currently, the solution is keeping the file secure, but when it comes to SIEM monitoring, it will be a major concern. Any thoughts on this?

Other solutions:

1. Use Kerberos
2. Disallow password creation and altering, except via psql \password or similar methods.
3. Disable logging when you are about to attempt a password change

--
Cheers,
Greg

--
Enterprise Postgres Software Products & Tech Support
