On Tue, Mar 22, 2011 at 3:45 PM, Dave Page <dp...@pgadmin.org> wrote:
> > > On Tue, Mar 22, 2011 at 5:10 AM, Craig Sacco <craig.sa...@gmail.com>wrote: > >> >> The following bug has been logged online: >> >> Bug reference: 5938 >> Logged by: Craig Sacco >> Email address: craig.sa...@gmail.com >> PostgreSQL version: 9.0.3 >> Operating system: Microsoft Windows (all variants, 32 and 64 bit) >> Description: PostgreSQL Installer outputs log file with superuser >> password in clear text >> Details: >> >> The PostgreSQL installer outputs a log file to the temporary directory >> with >> the superuser password in clear text. We are deploying PostgreSQL as part >> of >> a commercial product and would like to ensure that the password is not >> available to ordinary users. >> >> > This has been fixed for the next releases. > For the sake of the archives, it should also be noted that the file is in a secure directory, much as a .pgpass file would be, so this is generally only an issue for the situation described above, and not when a user installs a copy himself. -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company
