| From: | Ashutosh Bapat <ashutosh(dot)bapat(at)enterprisedb(dot)com> |
|---|---|
| To: | Feike Steenbergen <feikesteenbergen(at)gmail(dot)com> |
| Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [BUGS] BUG #14600: Passwords in user mappings leaked by psql \deu+ command |
| Date: | 2017-04-03 09:47:47 |
| Message-ID: | CAFjFpRf_Q_e61mEhmGh=_7WTXoa_VgKs=z_dHDRVmDMMeAQ91Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Please add this to 07/2017 commitfest. It looks like an existing leak, so,
may not be considered as an open item for v10.
On Fri, Mar 31, 2017 at 11:51 PM, Feike Steenbergen <
feikesteenbergen(at)gmail(dot)com> wrote:
> Forwarding message from pgsql-bugs for review
>
>
> Attached a patch which copies the logic from commit
> 93a6be63a55a8cd0d73b3fa81eb6a46013a3a974.
>
> In the current implementation we only consider privileges of the foreign
> server
> in determining whether or not to show the user mapping details. This patch
> copies the same logic (and documentation) used in commit
> 93a6be63a55a8cd0d73b3fa81eb6a46013a3a974 to not always show the user
> mapping
> options.
>
> regards,
>
> Feike
>
>
>
> --
> Sent via pgsql-hackers mailing list (pgsql-hackers(at)postgresql(dot)org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-hackers
>
>
--
Best Wishes,
Ashutosh Bapat
EnterpriseDB Corporation
The Postgres Database Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2017-04-03 09:58:05 | Refactoring identifier checks to consistently use strcmp |
| Previous Message | Ashutosh Bapat | 2017-04-03 09:13:45 | Re: pg_partman 3.0.0 - real-world usage of native partitioning and a case for native default |