Re: BUG #16079: Question Regarding the BUG #16064
| От | Magnus Hagander |
|---|---|
| Тема | Re: BUG #16079: Question Regarding the BUG #16064 |
| Дата | |
| Msg-id | CABUevEwMcFmXqPJgOQfnUV8XgKtWqHPiccNHY+mPJ0AfeFz-7Q@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: BUG #16079: Question Regarding the BUG #16064 (Thomas Munro <thomas.munro@gmail.com>) |
| Ответы |
Re: BUG #16079: Question Regarding the BUG #16064
Re: BUG #16079: Question Regarding the BUG #16064 |
| Список | pgsql-bugs |
On Fri, Nov 15, 2019 at 5:42 AM Thomas Munro <thomas.munro@gmail.com> wrote:
On Tue, Oct 29, 2019 at 4:48 AM Stephen Frost <sfrost@snowman.net> wrote:
> Uh, the user's credentials certainly are sent to the PG server.
Perhaps we should log a warning when PostgreSQL has received a
password over the network without SSL. Perhaps we should log another
warning when PostgreSQL has sent a password over the network without
SSL.
For the old plaintext "password" method, we log a warning when we parse the configuration file.
Maybe we should do the same for LDAP (and RADIUS)? This seems like a better place to put it than to log it at every time it's received?
В списке pgsql-bugs по дате отправления: