On Oct 14, 2007, at 14:34 , Tom Lane wrote:

I am not entirely convinced whether we should do anything about this:
the general theory on authentication failures is that you don't say much
about exactly why it failed, so as to not give a brute-force attacker
any info about whether he gave a valid userid or not.  So there's an
argument to be made that the current behavior is what we want.  But
I'm pretty sure that it wasn't intentionally designed to act this way.

Would there be a difference in how this is logged and how it's reported to the user? I can see where an admin (having access to logs) would want to have additional information such as whether a role login has failed due to not having login privileges or whether the failure was due to an incorrect role/password pair. I lean towards less information back to the user as to the nature of the failure. If the general consensus is to leave the current behavior, a comment should probably be included to note that the behavior is intentional.

Michael Glaesemann
grzm seespotcode net
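The split Michael describes, a detailed reason in the server log but one generic message back to the client, as an added illustration in Python. This is example code written for this page, not PostgreSQL source and not from anyone in the thread; the role catalog, the PBKDF2 hashing, the message strings and the in-memory `server_log` list are all constructed assumptions. The equal-work path for unknown role names is a timing-side-channel precaution that goes beyond what the thread discusses.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Low iteration count keeps the example fast; a real deployment would use far more.
PBKDF2_ITERATIONS = 20_000


@dataclass
class Role:
    name: str
    can_login: bool   # stands in for a LOGIN / NOLOGIN attribute
    salt: bytes
    pw_hash: bytes


def _hash_pw(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


def make_role(name: str, password: str, can_login: bool = True) -> Role:
    salt = os.urandom(16)
    return Role(name, can_login, salt, _hash_pw(password, salt))


# Constructed sample catalog for the example (hypothetical roles, not real data).
ROLES = {
    "alice": make_role("alice", "correct horse"),
    "reporting": make_role("reporting", "batt3ry", can_login=False),  # NOLOGIN role
}

# Dummy credentials so an unknown role name costs the same hashing work as a real one.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash_pw("unused", _DUMMY_SALT)


def client_message(username: str) -> str:
    """The single message every failure path sends to the client."""
    return f'password authentication failed for user "{username}"'


def authenticate(username: str, password: str,
                 server_log: List[str]) -> Tuple[bool, Optional[str]]:
    """Check a role/password pair.

    Returns (ok, message_for_client). The specific reason for a failure is
    written only to server_log, which stands in for the server's log file.
    """
    role = ROLES.get(username)
    if role is None:
        # Same amount of work as for a real role, then discard the result.
        hmac.compare_digest(_hash_pw(password, _DUMMY_SALT), _DUMMY_HASH)
        server_log.append(f'FATAL: role "{username}" does not exist')
        return False, client_message(username)

    password_ok = hmac.compare_digest(_hash_pw(password, role.salt), role.pw_hash)
    if not password_ok:
        server_log.append(f'FATAL: wrong password for user "{username}"')
        return False, client_message(username)

    if not role.can_login:
        server_log.append(f'FATAL: role "{username}" is not permitted to log in')
        return False, client_message(username)

    server_log.append(f'LOG: connection authorized: user={username}')
    return True, None


if __name__ == "__main__":
    log: List[str] = []
    attempts = [("alice", "wrong"), ("nobody", "wrong"),
                ("reporting", "batt3ry"), ("alice", "correct horse")]
    for user, pw in attempts:
        print(authenticate(user, pw, log))
    print("\n".join(log))
```

The three failure cases (unknown role, wrong password, correct password on a NOLOGIN role) return the same client string, differing only in the role name the client itself supplied, while the log records which case it was. Ordering the password check before the login-privilege check means the log line "not permitted to log in" also tells the admin the caller knew the password.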


