| From: | Paul Ohlhauser <bendix(dot)ohlhauser(at)gmail(dot)com> |
|---|---|
| To: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Robert Haas <robertmhaas(at)gmail(dot)com>, postgresql(dot)cache976(at)passmail(dot)net, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [PG19-3 PATCH] Don't ignore passfile |
| Date: | 2025-09-08 19:30:07 |
| Message-ID: | CAGbOXJEeXc+95yN_mZec6dvPwoPx38xzGxDz4SXCh36tqbrfeg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> I'm not sure I understand the compatibility fallout. Like, who would be
angry if we did that?
From my very first message:
> Breaking change in setups with ignored "passfile" (edge-case, not likely)
So unless I am missing something this only affects people who ran into a
permission issue, left the open passfile in-place and found another way to
provide the password that Postgres was happy with.
> [...], so that idea that we can force "safe" permissions is a little bit
laughable.
Another slightly ridiculous example above: A user may leave the vulnerable
passfile in place, ignore the warning and provide the password other way.
The error would ensure they need to clean their passfile up.
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sami Imseih | 2025-09-08 19:47:26 | Re: GetNamedLWLockTranche crashes on Windows in normal backend |
| Previous Message | Paul Ohlhauser | 2025-09-08 19:23:52 | Re: [PG19-3 PATCH] Don't ignore passfile |