Re: BUG #5475: Problem during Instalation
From | Craig Ringer |
---|---|
Subject | Re: BUG #5475: Problem during Instalation |
Date | |
Msg-id | 4C0F4927.7070507@postnewspapers.com.au |
In reply to | Re: BUG #5475: Problem during Instalation (Dave Page <dpage@pgadmin.org>) |
Responses | Re: BUG #5475: Problem during Instalation |
List | pgsql-bugs |
On 09/06/10 15:47, Dave Page wrote:
> On Wed, Jun 9, 2010 at 4:58 AM, Craig Ringer
> <craig@postnewspapers.com.au> wrote:
>
>> Really, the installer on Windows needs to stash the password in an
>> admin-only-readable registry key, read it from there on install, and test to
>> make sure it works. If it does, Pg need not even bother the user with the
>> account password at all.
>
> Aside from the fact that such a technique would probably end up on
> Bugtraq quicker than I could write the report myself, many people do
> need the password for setting up additional services such as pgAgent,
> and for actually logging into the database they just installed.

Only because the PostgreSQL system user account password is coupled to the account of the "postgres" user in the PostgreSQL database cluster (right?). I'm not at a Windows box right now so I can't test to see if altering the Pg role's password changes the system password or vice versa, but I'd be surprised if they did.

Personally I'm firmly of the opinion that the user should never need to know anything about the password (if any) for the "postgres" Windows user account that's used for the service account.

As for bugtraq: If the password is in a registry key readable only by the administrator user, then anyone who can read the password can also change the password for the account, read other critical passwords from the system, etc. Admittedly it'd be stored in cleartext, but so are plenty of stored passwords.

Now, if that password is the same as the one used for the db admin user, then yes that'd be an absolutely awful idea, but I was presuming that as it'd be a behind-the-scenes generated password it'd be completely independent from the "postgres" role in the db cluster if this method was used.

It'd be even better, of course, to find out how others avoid this whole issue and do the same. I'm going to do some digging and see if I can find that out, so I can give you some useful information instead of hand-waving.

--
Craig Ringer

Tech-related writing: http://soapyfrogs.blogspot.com/
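An added example, not part of the original message or of the PostgreSQL installer: one way to create the admin-only-readable registry key discussed in the message above, store an independently generated password in it, and verify the key's ACL before relying on it. The key path and value name are hypothetical placeholders, and the step of testing that the stored password still works for the service account is not covered.

```powershell
# Added illustration: key path and value name are hypothetical placeholders.
# Run from an elevated session, as an installer would.
$keyPath   = 'HKLM:\SOFTWARE\ExampleInstaller\ServiceAccount'
$valueName = 'ServicePassword'

# Well-known SIDs, so the script does not depend on localized group names.
$admins = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544' # BUILTIN\Administrators
$system = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-18'     # NT AUTHORITY\SYSTEM

function Set-AdminOnlyKeyAcl([string]$Path) {
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    $acl = Get-Acl -Path $Path
    # Stop inheriting from HKLM\SOFTWARE (which lets ordinary users read) and
    # drop the inherited entries instead of copying them.
    $acl.SetAccessRuleProtection($true, $false)
    # Remove any explicit entries that were already on the key.
    foreach ($rule in @($acl.Access)) { [void]$acl.RemoveAccessRule($rule) }
    foreach ($sid in $admins, $system) {
        $rule = New-Object System.Security.AccessControl.RegistryAccessRule -ArgumentList $sid, 'FullControl', 'ContainerInherit', 'None', 'Allow'
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $Path -AclObject $acl
}

function Test-AdminOnlyKeyAcl([string]$Path) {
    $acl = Get-Acl -Path $Path
    $allowed = @($admins.Value, $system.Value)
    # Ask for identities as SIDs so the comparison is exact.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    $extra = @($rules | Where-Object {
        $_.AccessControlType -eq 'Allow' -and $allowed -notcontains $_.IdentityReference.Value
    })
    return ($acl.AreAccessRulesProtected -and $extra.Count -eq 0)
}

# Lock the key down first, then write the secret into it.
Set-AdminOnlyKeyAcl -Path $keyPath

# Random password generated behind the scenes, unrelated to any database role.
$bytes = New-Object byte[] 24
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
Set-ItemProperty -Path $keyPath -Name $valueName -Value ([Convert]::ToBase64String($bytes))

if (-not (Test-AdminOnlyKeyAcl -Path $keyPath)) {
    throw "ACL on $keyPath grants access beyond Administrators and SYSTEM"
}
```

The same `Test-AdminOnlyKeyAcl` check can be rerun at upgrade time, before the stored value is read back, to detect a key whose permissions have been widened since install.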