Skip site navigation (1) Skip section navigation (2)

Re: BUG #5938: PostgreSQL Installer outputs log file with superuser password in clear text

From: Simon Riggs <simon(at)2ndQuadrant(dot)com>
To: Dave Page <dpage(at)pgadmin(dot)org>
Cc: Craig Sacco <craig(dot)sacco(at)gmail(dot)com>, pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #5938: PostgreSQL Installer outputs log file with superuser password in clear text
Date: 2011-03-22 16:33:11
Message-ID: AANLkTi=gH8iuZQg-iTDhckXcG7WRGyayYxm2bxecRHNH@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-bugs
On Tue, Mar 22, 2011 at 4:09 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>
>
> On Tue, Mar 22, 2011 at 3:45 PM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>>
>>
>> On Tue, Mar 22, 2011 at 5:10 AM, Craig Sacco <craig(dot)sacco(at)gmail(dot)com>
>> wrote:
>>>
>>> The following bug has been logged online:
>>>
>>> Bug reference:      5938
>>> Logged by:          Craig Sacco
>>> Email address:      craig(dot)sacco(at)gmail(dot)com
>>> PostgreSQL version: 9.0.3
>>> Operating system:   Microsoft Windows (all variants, 32 and 64 bit)
>>> Description:        PostgreSQL Installer outputs log file with superuser
>>> password in clear text
>>> Details:
>>>
>>> The PostgreSQL installer outputs a log file to the temporary directory
>>> with
>>> the superuser password in clear text. We are deploying PostgreSQL as part
>>> of
>>> a commercial product and would like to ensure that the password is not
>>> available to ordinary users.
>>>
>>
>> This has been fixed for the next releases.
>
> For the sake of the archives, it should also be noted that the file is in a
> secure directory, much as a .pgpass file would be, so this is generally only
> an issue for the situation described above, and not when a user installs a
> copy himself.

I accept its not a worst-case problem, but we should rate the problem
A-D as with other security issues.
All cases should get a rating so we know what we're dealing with

The problem is that the password is disclosed in a surprising way.
.pgpass files are explicitly put there by a user, so they know what
they've done.

Putting a password in cleartext somewhere is an issue if people don't
know about it.

-- 
 Simon Riggs                   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services

In response to

Responses

pgsql-bugs by date

Next:From: GIMENEZ alexDate: 2011-03-22 19:39:40
Subject: BUG #5941: i don t understand
Previous:From: Dave PageDate: 2011-03-22 16:09:28
Subject: Re: BUG #5938: PostgreSQL Installer outputs log file with superuser password in clear text

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group