Thread

  1. Re: [pgadmin-hackers] Re: BUG #10250: pgAdmin III 1.16.1 stores unescaped plaintext password

    Akshay Joshi <akshay.joshi@enterprisedb.com> — 2014-05-08T09:04:04Z

    Sure.
    
    
    On Thu, May 8, 2014 at 1:37 PM, Dave Page <dpage@pgadmin.org> wrote:
    
    > Akshay, can you look into the quoting problem please.
    >
    > On Thu, May 8, 2014 at 1:07 AM, Stephen Frost <sfrost@snowman.net> wrote:
    > > * Heikki Linnakangas (hlinnakangas@vmware.com) wrote:
    > >> (forwarding to pgadmin-hackers)
    > >
    > > Ah.
    > >
    > >> On 05/07/2014 06:44 PM, Stephen Frost wrote:
    > >> >* dlo@isam.kiwi (dlo@isam.kiwi) wrote:
    > >> >>but when the credential contains the delimiter (colon) it fails to be
    > >> >>read back out and app responds with "invalid credentials".
    > >> >>
    > >> >>x.x.x.x:5432:*:username:password:with:colons
    > >> >
    > >> >Per the fine documentation, you need to escape any such usage with a
    > >> >backslash.  Please review:
    > >>
    > >> Stephen, you missed the context. pgadmin3 saves .pgpass, when you
    > >> check the "store password" checkbox in the connection dialog. And
    > >> apparantly pgadmin3 doesn't do that escaping properly.
    > >
    > > Wow, that's pretty rough.  Hopefully they'll be able to fix it soon. :)
    > >
    > >         Thanks,
    > >
    > >                 Stephen
    >
    >
    >
    > --
    > Dave Page
    > Blog: http://pgsnake.blogspot.com
    > Twitter: @pgsnake
    >
    > EnterpriseDB UK: http://www.enterprisedb.com
    > The Enterprise PostgreSQL Company
    >
    
    
    
    -- 
    *Akshay Joshi*
    *Principal Software Engineer *
    
    
    
    *Phone: +91 20-3058-9517Mobile: +91 976-788-8246*