Home > mailing lists

Re: PATCH: warn about, and deprecate, clear text passwords - Mailing list pgsql-hackers

From	Nathan Bossart
Subject	Re: PATCH: warn about, and deprecate, clear text passwords
Date	March 14 18:21:30
Msg-id	Z9RJethZdgCq1Tgq@nathan Whole thread Raw
In response to	Re: PATCH: warn about, and deprecate, clear text passwords (Robert Haas <robertmhaas@gmail.com>)
Responses	Re: PATCH: warn about, and deprecate, clear text passwords
List	pgsql-hackers

Tree view

On Mon, Mar 03, 2025 at 01:54:59PM -0500, Robert Haas wrote:
> Oh, good point. I don't know. I just have heard a LOT of complaining
> about passwords showing up in the log, and I'm not sure insisting that
> they have to all be encrypted is going to make all of the complaining
> stop.

+1.  At this point, IMHO we should consider this v19 material to provide
more time for discussion on the best way to tackle this problem.  Blocking
plain-text passwords in CREATE/ALTER ROLE commands may be part of it, but
as Robert notes, we might need to do more.

-- 
nathan

pgsql-hackers by date:

From: Fujii Masao
Date: 14 March, 18:07:25
Subject: Re: Add “FOR UPDATE NOWAIT” lock details to the log.

From: "David G. Johnston"
Date: 14 March, 18:26:32
Subject: Re: Adding a '--clean-publisher-objects' option to 'pg_createsubscriber' utility.

Re: PATCH: warn about, and deprecate, clear text passwords - Mailing list pgsql-hackers

Previous

Next