Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitaf41101

Browse files
committed
Prevent failed passwords from being echoed to server logs, for security.
1 parent16d6615 commitaf41101

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

‎src/backend/libpq/auth.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
*
99
*
1010
* IDENTIFICATION
11-
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.78 2002/03/0506:52:05 momjian Exp $
11+
* $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.79 2002/03/0507:57:45 momjian Exp $
1212
*
1313
*-------------------------------------------------------------------------
1414
*/
@@ -663,7 +663,9 @@ pam_passwd_conv_proc(int num_msg, const struct pam_message ** msg, struct pam_re
663663

664664
initStringInfo(&buf);
665665
pq_getstr(&buf);
666-
elog(DEBUG5,"received PAM packet with len=%d, pw=%s",len,buf.data);
666+
667+
/* Do not echo failed password to logs, for security. */
668+
elog(DEBUG5,"received PAM packet");
667669

668670
if (strlen(buf.data)==0)
669671
{

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp