Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Password leaks as plaintext in log #2533

Closed
egasimus opened this issue Nov 4, 2022 · 1 comment
Closed

Password leaks as plaintext in log #2533

egasimus opened this issue Nov 4, 2022 · 1 comment
Labels
bug Something isn't working

Comments

@egasimus
Copy link

egasimus commented Nov 4, 2022
edited
Loading

Issue Summary

If connecting to the database fails, the database password is printed in plaintext in the system log.

Steps to Reproduce

Try to connect with invalid settings, and the backend daemon will dutifully report:

thread 'main' panicked at 'Error connecting to postgres://username:password@host:port/db

Technical details

Maybe the panic handler should check for sensitive data?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@egasimus