Thread

  1. BUG #18969: security tests failures

    PG Bug reporting form <noreply@postgresql.org> — 2025-06-25T06:15:23Z

    The following bug has been logged on the website:
    
    Bug reference:      18969
    Logged by:          Sigalit B
    Email address:      e.sigalit@gmail.com
    PostgreSQL version: 17.5
    Operating system:   Linux
    Description:        
    
    A container is forbidden to store secrets in environment variables in its
    manifest ->
    following secret defined as env vars
    "POSTGRES_PASSWORD=ZBzEgjlnnbzMH2Ix
     REPMGR_PASSWORD=UTwLWESNIMikB18T
    POSTGRES_USER=postgres
    REPMGR_USERNAME=repmgr"
    is this something that can be handled
    
    
  2. Re: BUG #18969: security tests failures

    Daniel Gustafsson <daniel@yesql.se> — 2025-06-25T12:31:59Z

    > On 25 Jun 2025, at 08:15, PG Bug reporting form <noreply@postgresql.org> wrote:
    > 
    > The following bug has been logged on the website:
    > 
    > Bug reference:      18969
    > Logged by:          Sigalit B
    > Email address:      e.sigalit@gmail.com
    > PostgreSQL version: 17.5
    > Operating system:   Linux
    > Description:        
    > 
    > A container is forbidden to store secrets in environment variables in its
    > manifest ->
    > following secret defined as env vars
    > "POSTGRES_PASSWORD=redacted
    > REPMGR_PASSWORD=redacted
    > POSTGRES_USER=postgres
    > REPMGR_USERNAME=repmgr"
    > is this something that can be handled
    
    Wherever this came from it is not part of core postgres but most likely
    something in your deployment environment.  Any questions should be directed at
    whomever set that up.
    
    This is a publically archived mailinglist, if what you posted are actual
    passwords then I strongly advise you to change them immediately.
    
    --
    Daniel Gustafsson