Re: BUG #16449: Log file and the query field of the pg_stat_statements table display clear text password.

From: Oleksandr Shulgin <oleksandr(dot)shulgin(at)zalando(dot)de>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: abcxiaod(at)126(dot)com, PostgreSQL mailing lists <pgsql-bugs(at)lists(dot)postgresql(dot)org>
Subject: Re: BUG #16449: Log file and the query field of the pg_stat_statements table display clear text password.
Date: 2020-05-19 06:22:09
Message-ID: CACACo5QLeQ+Z0BECp05hHYbqy8Fe1X_ziPmHxr3tyLzVeL9jCw@mail.gmail.com
Lists: pgsql-bugs

On Mon, May 18, 2020 at 11:45 AM Magnus Hagander <magnus(at)hagander(dot)net> wrote:

>
>> 1. The log_statement is set to ALL
>> 2. Execute statement: alter user t password 'adsf123asg';
>> 3. Log file shows clear text password.
>>
>
> Yes, if you intentionally send the query in clear text, it will be logged
> in clear text.
>
> Just like with your report about creating user, it is clearly documented
> in the ALTER ROLE documentation that if you don't want this, you should
> use \password or a similar functionality, and not the cleartext ALTER USER.
>

I think it's worth noting that using psql's \password command still results
in an ALTER USER being sent to the server, and thus ending up in the logs.
The difference is that the logged password is already encrypted:

postgres=# \set ECHO_HIDDEN
postgres=# \password t
Enter new password:
Enter it again:
********* QUERY **********
ALTER USER t PASSWORD 'md5cf853b7f00ed64ef120b3f6af0d073c2'
**************************

Cheers,
--
Alex
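As an added example (not part of this thread and not PostgreSQL's or psql's own code), the Python below reproduces what the session above shows: psql's \password hashes the password client-side before sending ALTER USER, so the literal that reaches the log is the verifier rather than the password. It assumes libpq's md5 method, "md5" followed by md5(password concatenated with the role name), which is the form visible in the ECHO_HIDDEN output. It then runs a small log check over constructed log lines, flagging statements whose PASSWORD literal is still cleartext and redacting every password literal, hashed or not. The role names, passwords, log lines and the SCRAM-SHA-256 verifier string are constructed values; with password_encryption = scram-sha-256 psql sends a SCRAM verifier instead, which this code only recognizes and does not generate.

```python
import hashlib
import re
from typing import List, Tuple

# Assumption: psql's \password uses libpq's md5 method, which computes
# "md5" + hex(md5(password || rolename)). This mirrors that construction.
def pg_md5_password(password: str, rolename: str) -> str:
    digest = hashlib.md5((password + rolename).encode("utf-8")).hexdigest()
    return "md5" + digest


def quote_literal(value: str) -> str:
    """Render a value as a single-quoted SQL literal, doubling embedded quotes."""
    return "'" + value.replace("'", "''") + "'"


def alter_user_statement(rolename: str, password: str) -> str:
    """The statement psql sends for \\password: the literal is the hash, not the password."""
    return f"ALTER USER {rolename} PASSWORD {quote_literal(pg_md5_password(password, rolename))}"


# PASSWORD '...' literal, tolerating doubled quotes inside the literal.
_PASSWORD_LITERAL = re.compile(r"PASSWORD\s+'((?:[^']|'')*)'", re.IGNORECASE)
_MD5_VERIFIER = re.compile(r"^md5[0-9a-f]{32}$")
# SCRAM-SHA-256$<iterations>:<salt>$<StoredKey>:<ServerKey>, all base64 fields.
_SCRAM_VERIFIER = re.compile(r"^SCRAM-SHA-256\$\d+:[^$]+\$[^:]+:[^:]+$")


def classify_password_literal(literal: str) -> str:
    """Return 'md5', 'scram-sha-256' or 'cleartext' for a PASSWORD literal."""
    if _MD5_VERIFIER.match(literal):
        return "md5"
    if _SCRAM_VERIFIER.match(literal):
        return "scram-sha-256"
    return "cleartext"


def redact_password_literals(line: str) -> str:
    """Scrub every PASSWORD literal (hashed or cleartext) from a log line."""
    return _PASSWORD_LITERAL.sub("PASSWORD '<redacted>'", line)


def find_cleartext_passwords(log_lines: List[str]) -> List[Tuple[int, str]]:
    """Return (line number, redacted line) for each line carrying a cleartext password."""
    hits = []
    for lineno, line in enumerate(log_lines, start=1):
        literals = [m.group(1).replace("''", "'") for m in _PASSWORD_LITERAL.finditer(line)]
        if any(classify_password_literal(lit) == "cleartext" for lit in literals):
            hits.append((lineno, redact_password_literals(line)))
    return hits


# Constructed sample of log_statement = all output (not real log data).
SAMPLE_LOG = [
    "2020-05-19 06:20:01 UTC [4711] LOG:  statement: alter user t password 'example-secret'",
    "2020-05-19 06:20:02 UTC [4711] LOG:  statement: ALTER USER t PASSWORD "
    "'md5900150983cd24fb0d6963f7d28e17f72'",
    "2020-05-19 06:20:03 UTC [4711] LOG:  statement: CREATE ROLE app WITH LOGIN "
    "ENCRYPTED PASSWORD 'SCRAM-SHA-256$4096:c2FsdA==$c3RvcmVk:c2VydmVy'",
    "2020-05-19 06:20:04 UTC [4711] LOG:  statement: SELECT 1",
]

if __name__ == "__main__":
    print(alter_user_statement("t", "example-secret"))
    for lineno, redacted in find_cleartext_passwords(SAMPLE_LOG):
        print(f"cleartext password at line {lineno}: {redacted}")
```

Only the first constructed line is reported, because its literal is neither an md5 verifier nor a SCRAM verifier. The md5 form is still a secret in its own right under md5 authentication, which is why the redaction helper scrubs hashed literals as well before a log is shipped anywhere.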
