Discussion: BUG #5938: PostgreSQL Installer outputs log file with superuser password in clear text
BUG #5938: PostgreSQL Installer outputs log file with superuser password in clear text
From: "Craig Sacco"
Date:
The following bug has been logged online:

Bug reference:      5938
Logged by:          Craig Sacco
Email address:      craig.sacco@gmail.com
PostgreSQL version: 9.0.3
Operating system:   Microsoft Windows (all variants, 32 and 64 bit)
Description:        PostgreSQL Installer outputs log file with superuser password in clear text
Details:

The PostgreSQL installer outputs a log file to the temporary directory with the superuser password in clear text. We are deploying PostgreSQL as part of a commercial product and would like to ensure that the password is not available to ordinary users.

---

On Tue, Mar 22, 2011 at 5:10 AM, Craig Sacco <craig.sacco@gmail.com> wrote:
>
> The following bug has been logged online:
>
> Bug reference:      5938
> Logged by:          Craig Sacco
> Email address:      craig.sacco@gmail.com
> PostgreSQL version: 9.0.3
> Operating system:   Microsoft Windows (all variants, 32 and 64 bit)
> Description:        PostgreSQL Installer outputs log file with superuser
> password in clear text
> Details:
>
> The PostgreSQL installer outputs a log file to the temporary directory with
> the superuser password in clear text. We are deploying PostgreSQL as part
> of
> a commercial product and would like to ensure that the password is not
> available to ordinary users.
>

This has been fixed for the next releases.

-- 
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

---

On Tue, Mar 22, 2011 at 3:45 PM, Dave Page <dpage@pgadmin.org> wrote:
>
> On Tue, Mar 22, 2011 at 5:10 AM, Craig Sacco <craig.sacco@gmail.com> wrote:
>>
>> The following bug has been logged online:
>>
>> Bug reference:      5938
>> Logged by:          Craig Sacco
>> Email address:      craig.sacco@gmail.com
>> PostgreSQL version: 9.0.3
>> Operating system:   Microsoft Windows (all variants, 32 and 64 bit)
>> Description:        PostgreSQL Installer outputs log file with superuser
>> password in clear text
>> Details:
>>
>> The PostgreSQL installer outputs a log file to the temporary directory
>> with
>> the superuser password in clear text. We are deploying PostgreSQL as part
>> of
>> a commercial product and would like to ensure that the password is not
>> available to ordinary users.
>>
>
> This has been fixed for the next releases.

For the sake of the archives, it should also be noted that the file is in a secure directory, much as a .pgpass file would be, so this is generally only an issue for the situation described above, and not when a user installs a copy himself.

-- 
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

---

On Tue, Mar 22, 2011 at 4:09 PM, Dave Page <dpage@pgadmin.org> wrote:
>
> On Tue, Mar 22, 2011 at 3:45 PM, Dave Page <dpage@pgadmin.org> wrote:
>>
>> On Tue, Mar 22, 2011 at 5:10 AM, Craig Sacco <craig.sacco@gmail.com>
>> wrote:
>>>
>>> The following bug has been logged online:
>>>
>>> Bug reference:      5938
>>> Logged by:          Craig Sacco
>>> Email address:      craig.sacco@gmail.com
>>> PostgreSQL version: 9.0.3
>>> Operating system:   Microsoft Windows (all variants, 32 and 64 bit)
>>> Description:        PostgreSQL Installer outputs log file with superuser
>>> password in clear text
>>> Details:
>>>
>>> The PostgreSQL installer outputs a log file to the temporary directory
>>> with
>>> the superuser password in clear text. We are deploying PostgreSQL as part
>>> of
>>> a commercial product and would like to ensure that the password is not
>>> available to ordinary users.
>>>
>>
>> This has been fixed for the next releases.
>
> For the sake of the archives, it should also be noted that the file is in a
> secure directory, much as a .pgpass file would be, so this is generally only
> an issue for the situation described above, and not when a user installs a
> copy himself.

I accept it's not a worst-case problem, but we should rate the problem A-D as with other security issues. All cases should get a rating so we know what we're dealing with.

The problem is that the password is disclosed in a surprising way. .pgpass files are explicitly put there by a user, so they know what they've done.

Putting a password in cleartext somewhere is an issue if people don't know about it.

-- 
 Simon Riggs                   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services
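The report above describes a setup log that carries the superuser password in clear text, and the follow-up makes the point that a password written somewhere the user does not expect is the real problem. As an added example (not code from the PostgreSQL installer or from anyone in this thread), the Python below shows the two controls a deployer can apply: redacting credential values before a line reaches the log, and auditing an already-written log for values that slipped through. The recognised key names (`superpassword`, `PGPASSWORD`, and the others in `_KEYS`), the `***REDACTED***` placeholder and the sample log lines are all constructed assumptions for illustration, not the installer's actual options or output.

```python
"""Keep credentials out of setup/installer logs (constructed example).

Not the PostgreSQL installer's code: the key names, the sample log lines
and the placeholder are assumptions chosen for illustration.
"""
import re
from typing import Iterable, List, Tuple

# Placeholder written in place of a secret value.
REDACTED = "***REDACTED***"

# Parameter names whose values are secrets (assumed list; extend as needed).
_KEYS = r"(?:superpassword|servicepassword|pgpassword|password|passwd|pwd|secret|token)"

# Two shapes are recognised:
#   --key value / --key=value      (a command-line flag echoed into the log)
#   key=value  / key: value        (environment or config style)
# A bare word such as "password" in prose ("Setting password for user") has
# no "=" or ":" after it and is left alone. The value may not itself be a
# flag, so "--superpassword --datadir" (value missing) is not mangled.
_SECRET_RE = re.compile(
    r"(?:--(?P<flag>" + _KEYS + r")\b(?:\s*=\s*|\s+)"
    r"|\b(?P<kv>" + _KEYS + r")\b\s*[=:]\s*)"
    r"(?P<value>(?!--)\S+)",
    re.IGNORECASE,
)


def _mask(match: "re.Match[str]") -> str:
    """Replace only the value part of a match, keeping the key and separator."""
    head = match.group(0)[: match.start("value") - match.start()]
    return head + REDACTED


def redact_line(line: str) -> str:
    """Return `line` with every recognised secret value replaced by REDACTED."""
    return _SECRET_RE.sub(_mask, line)


def redact_log(lines: Iterable[str]) -> List[str]:
    """Redact a whole log before it is written to disk."""
    return [redact_line(line) for line in lines]


def find_cleartext_secrets(lines: Iterable[str]) -> List[Tuple[int, str]]:
    """Audit an existing log: return (1-based line number, key name) for each
    secret still present in clear text. Already-redacted values are skipped."""
    hits: List[Tuple[int, str]] = []
    for number, line in enumerate(lines, start=1):
        for match in _SECRET_RE.finditer(line):
            if match.group("value") == REDACTED:
                continue
            key = match.group("flag") or match.group("kv")
            hits.append((number, key.lower()))
    return hits


# Constructed sample of what an installer might echo into its log.
SAMPLE_LOG = [
    "Starting setup (constructed sample log)",
    "Running: installer --superpassword S3cret!Pass --datadir C:\\pgdata",
    "Environment: PGPASSWORD=S3cret!Pass PGPORT=5432",
    "Setting password for user postgres",
    "Creating service with Password: S3cret!Pass",
    "Setup complete",
]

if __name__ == "__main__":
    for line_no, key in find_cleartext_secrets(SAMPLE_LOG):
        print(f"line {line_no}: clear-text value for '{key}'")
    print("\n".join(redact_log(SAMPLE_LOG)))
```

Redaction at write time is the durable control: it does not depend on the temporary directory's permissions staying correct, and it leaves the log useful for support because the key names and everything around them survive. The audit function is what a packager can run against logs produced by an installer they do not control, to confirm nothing sensitive is left behind before handing the machine to ordinary users.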
On Tue, Mar 22, 2011 at 12:33 PM, Simon Riggs <simon@2ndquadrant.com> wrote:
>>> This has been fixed for the next releases.
>>
>> For the sake of the archives, it should also be noted that the file is in a
>> secure directory, much as a .pgpass file would be, so this is generally only
>> an issue for the situation described above, and not when a user installs a
>> copy himself.
>
> I accept it's not a worst-case problem, but we should rate the problem
> A-D as with other security issues.
> All cases should get a rating so we know what we're dealing with.
>
> The problem is that the password is disclosed in a surprising way.
> .pgpass files are explicitly put there by a user, so they know what
> they've done.
>
> Putting a password in cleartext somewhere is an issue if people don't
> know about it.

I agree completely.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

---

On Tue, Mar 22, 2011 at 4:09 PM, Dave Page <dpage@pgadmin.org> wrote:
>
> On Tue, Mar 22, 2011 at 3:45 PM, Dave Page <dpage@pgadmin.org> wrote:
>>
>> On Tue, Mar 22, 2011 at 5:10 AM, Craig Sacco <craig.sacco@gmail.com>
>> wrote:
>>>
>>> The following bug has been logged online:
>>>
>>> Bug reference:      5938
>>> Logged by:          Craig Sacco
>>> Email address:      craig.sacco@gmail.com
>>> PostgreSQL version: 9.0.3
>>> Operating system:   Microsoft Windows (all variants, 32 and 64 bit)
>>> Description:        PostgreSQL Installer outputs log file with superuser
>>> password in clear text
>>> Details:
>>>
>>> The PostgreSQL installer outputs a log file to the temporary directory
>>> with
>>> the superuser password in clear text. We are deploying PostgreSQL as part
>>> of
>>> a commercial product and would like to ensure that the password is not
>>> available to ordinary users.
>>>
>>
>> This has been fixed for the next releases.
>
> For the sake of the archives, it should also be noted that the file is in a
> secure directory, much as a .pgpass file would be, so this is generally only
> an issue for the situation described above, and not when a user installs a
> copy himself.

Updated "one click" installers for 9.0.3 on win32 and win64 and for 8.4.7 on win32 are now available from http://www.postgresql.org/download/windows

-- 
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company