| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Bad error message on valuntil |
| Date: | 2013-06-07 20:07:21 |
| Message-ID: | 51B23D79.3070600@commandprompt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 06/07/2013 12:31 PM, Tom Lane wrote:
> "Joshua D. Drake" <jd(at)commandprompt(dot)com> writes:
>> On 06/07/2013 11:57 AM, Tom Lane wrote:
>>> I think it's intentional that we don't tell the *client* that level of
>>> detail.
>
>> Why? That seems rather silly.
>
> The general policy on authentication failure reports is that we don't
> tell the client anything it doesn't know already about what the auth
> method is. We can log additional info into the postmaster log if it
> seems useful to do so, but the more you tell a client, the more you
> risk undesirable info leakage to a bad guy. As an example here,
> reporting the valuntil condition would be acking to an attacker that
> he had the right password.
So security by obscurity? Alright, without getting into that argument
how about we change the error message to:
FATAL: Authentication failed: Check server log for specifics
And then we make sure we log proper info?
Sincerely,
Joshua D. Drake
>
> regards, tom lane
>
--
Command Prompt, Inc. - http://www.commandprompt.com/ 509-416-6579
PostgreSQL Support, Training, Professional Services and Development
High Availability, Oracle Conversion, Postgres-XC, @cmdpromptinc
For my dreams of your image that blossoms
a rose in the deeps of my heart. - W.B. Yeats
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rodrigo Gonzalez | 2013-06-07 20:12:47 | Re: Bad error message on valuntil |
| Previous Message | Simon Riggs | 2013-06-07 20:04:47 | Re: Parallell Optimizer |