| From: | Euler Taveira de Oliveira <euler(at)timbira(dot)com> |
|---|---|
| To: | Andy Grimm <agrimm(at)gmail(dot)com> |
| Cc: | PostgreSQL Bugs <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | Re: BUG #6412: psql & fe-connect truncate passwords |
| Date: | 2012-01-28 18:50:39 |
| Message-ID: | 4F24437F.7080306@timbira.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On 28-01-2012 14:32, Andy Grimm wrote:
> IMHO, there is a subtle difference here. If psql raised an error
> message on passwords exceeding 100 characters, I would understand your
> perspective, but I think that simply truncating the password and
> continuing on is a bug. I also think that hard-coding the number
> "100" in several places is simply poor practice which should be
> corrected, and that if there's good reason for that to be the password
> length limit, it should be uniformly enforced.
>
It is uniform on all of the bundled client tools. The source can always be
improved; such a constant is one of those improvements.
> The password is not of my choosing. It's an autogenerated sha hash of
> an RSA key, and i've simply been the key to use.
> While I agree that it's generally impractical to use such a long
> password at the command line, more than 99% of the use of this
> password is programmatic, and if I complain to the author that the
> password is too long, he'll respond "it works for me with JDBC; you
> are using broken tools.
>
So the "broken" part is the password file, right? I won't expect someone with
such a long password typing or (of course) copy/paste it, will I? Again,
patches are welcome.
> I looked at the code before I wrote up the issue, and I have written
> and tested a patch. I've posted it here:
>
> https://bugzilla.redhat.com/attachment.cgi?id=558061
>
Please, post a patch here, we don't follow other bug trackers.
> Perhaps I should just submit the patch to pgsql-hackers ? I'm new to
> the pgsql bug interaction process, so my apologies if filing a bug was
> not the appropriate way to present the issue. I get Internal Server
> Error messages when I attempt to subscribe to any of the pgsql mailing
> lists, so this makes communication with the lists difficult.
>
Bugs are tracked here but when it is not a bug but an improvement, we just
redirect this thread to -hackers.
--
Euler Taveira de Oliveira - Timbira http://www.timbira.com.br/
PostgreSQL: Consultoria, Desenvolvimento, Suporte 24x7 e Treinamento
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Euler Taveira de Oliveira | 2012-01-28 19:28:06 | Re: BUG #6413: pg_relation_size wont work on table with upper case chars |
| Previous Message | Tom Lane | 2012-01-28 18:47:04 | Re: BUG #6412: psql & fe-connect truncate passwords |