Re: BUG #16682: The pg_user_mapping table saves the plaintext password

Поиск
Список
Период
Сортировка
От Daniel Gustafsson
Тема Re: BUG #16682: The pg_user_mapping table saves the plaintext password
Дата
Msg-id 78BCA442-5AFB-40E4-B280-69D8EAF234EE@yesql.se
обсуждение исходный текст
Ответ на BUG #16682: The pg_user_mapping table saves the plaintext password  (PG Bug reporting form <noreply@postgresql.org>)
Ответы Re: BUG #16682: The pg_user_mapping table saves the plaintext password  (Michael Paquier <michael@paquier.xyz>)
Список pgsql-bugs
Дерево обсуждения 
> On 22 Oct 2020, at 09:14, PG Bug reporting form <noreply@postgresql.org> wrote:

> Whether the plaintext password in this system table system view has security
> risks, is it considered a security vulnerability?

This is as intended, and documented on the pg_user_mapping catalog
description and the pg_user_mappings view:

  https://www.postgresql.org/docs/12/catalog-pg-user-mapping.html
  https://www.postgresql.org/docs/12/view-pg-user-mappings.html

The umoptions field is not visible to restricted users.

cheers ./daniel

В списке pgsql-bugs по дате отправления:

Предыдущее
От: PG Bug reporting form
Дата:
Сообщение: BUG #16682: The pg_user_mapping table saves the plaintext password
Следующее
От: Tom Lane
Дата:
Сообщение: Re: BUG #16329: Valgrind detects an invalid read when building a gist index with buffering