Skip to content

Commit af41101

Browse files
bmomjianbmomjian
committed
Prevent failed passwords from being echoed to server logs, for security.
1 parent 16d6615 commit af41101

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

src/backend/libpq/auth.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/05 06:52:05 momjian Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.79 2002/03/05 07:57:45 momjian Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -663,7 +663,9 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
663663

664664
initStringInfo(&buf);
665665
pq_getstr(&buf);
666-
elog(DEBUG5, "received PAM packet with len=%d, pw=%s", len, buf.data);
666+
667+
/* Do not echo failed password to logs, for security. */
668+
elog(DEBUG5, "received PAM packet");
667669

668670
if (strlen(buf.data) == 0)
669671
{

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy