Re: PATCH: warn about, and deprecate, clear text passwords
From | Robert Haas |
---|---|
Subject | Re: PATCH: warn about, and deprecate, clear text passwords |
Date | |
Msg-id | CA+TgmobL3w8bytd+eOCcpn=NHqqS+vyddcsimv4Yq72sqwWyYw@mail.gmail.com |
In reply to | Re: PATCH: warn about, and deprecate, clear text passwords (Greg Sabino Mullane <htamfids@gmail.com>) |
Responses | Re: PATCH: warn about, and deprecate, clear text passwords |
List | pgsql-hackers |
On Wed, Mar 19, 2025 at 9:24 AM Greg Sabino Mullane <htamfids@gmail.com> wrote:

>> The user has no particular reason to care about the fact that the password they just typed ended up in the log. That is a concern for
>> the DBA, not the user, and even if they care about the DBA's feelings, they only get the warning after it's too late to do otherwise.
>
> Can't the same be said about other warnings, esp. md5?

Absolutely. Warnings are sometimes the right thing, but they often suck. If something is really a bad idea, "ERROR: bad idea" is vastly superior to "WARNING: what you just already did was a bad idea". If we don't actually know for sure that it's a bad idea, then it's generally better not to emit a warning at all, for fear of log-spamming people who know what they're doing.

> Robert - would you be more inclined to accept this if we kept the three states, but made the default "allow"? That would still allow people to bump it stronger manually, but would have no effect on everyone else. That would give us time to tweak the wording and/or examine other approaches. Although any other approaches would still leave the need to do something with passwords via ALTER USER / CREATE USER in the interim.

I mean, I do think that is probably a better idea, but I personally have zero intention of committing this patch regardless. I have seen a lot of problems in this area working at EDB and my educated guess is that this solves 0% of them. Now, if enough other people show up to say "but this would solve 100% of my problems," well then fair enough. But I think it's entirely reasonable for me to look at the combination of "this is a class of problem that affects me" and "this proposed solution would not help me" and be skeptical. I think you'd feel the same if the situation were reversed. If I came along and proposed some solution to a PG problem and you agreed that the problem was a problem but my proposed solution seemed useless, I assume you'd also -1 that patch.

--
Robert Haas
EDB: http://www.enterprisedb.com