Обсуждение: BUG #4646: Default password is patently absurd

Поиск
Список
Период
Сортировка

BUG #4646: Default password is patently absurd

От
"Jason"
Дата:
The following bug has been logged online:

Bug reference:      4646
Logged by:          Jason
Email address:      jdmarshall@gmail.com
PostgreSQL version: 8.2
Operating system:   Windows XP
Description:        Default password is patently absurd
Details:

I let the installer pick a password for me.  What it picked was 31
characters long, and included characters that I can't actually type on my
keyboard.  Quite possibly some can't even be displayed on my system, as
several are listed as "?".  One of the other characters is the section
symbol (aka §)


Who thought this was a good idea?

Re: BUG #4646: Default password is patently absurd

От
John R Pierce
Дата:
Jason wrote:
> I let the installer pick a password for me.  What it picked was 31
> characters long, and included characters that I can't actually type on my
> keyboard.  Quite possibly some can't even be displayed on my system, as
> several are listed as "?".  One of the other characters is the section
> symbol (aka §)
>
>
> Who thought this was a good idea?
>


that password is ONLY used for the Windows Service login, not anything
you'd ever see again.

Re: BUG #4646: Default password is patently absurd

От
Harald Armin Massa
Дата:
> that password is ONLY used for the Windows Service login, not anything yo=
u'd
> ever see again.

Only when reusing the service account to do a PostgreSQL update... or
when doing the not so uncommon "uninstall, reinstall" raindance fix
for windows (which indeed helps if some bad application overwrote some
DLLs..) :)

Harald
--=20
GHUM Harald Massa
persuadere et programmare
Harald Armin Massa
Spielberger Stra=DFe 49
70435 Stuttgart
0173/9409607
no fx, no carrier pigeon
-
EuroPython 2009 will take place in Birmingham - Stay tuned!

Re: BUG #4646: Default password is patently absurd

От
John R Pierce
Дата:
Harald Armin Massa wrote:
>> that password is ONLY used for the Windows Service login, not anything you'd
>> ever see again.
>>
>
> Only when reusing the service account to do a PostgreSQL update... or
> when doing the not so uncommon "uninstall, reinstall" raindance fix
> for windows (which indeed helps if some bad application overwrote some
> DLLs..) :)
>


the postgres windows uninstaller probably should be offering to delete
the postgres user account when it deletes the service, since the
installer created that account in the first place.

Re: BUG #4646: Default password is patently absurd

От
Harald Armin Massa
Дата:
John,

> the postgres windows uninstaller probably should be offering to delete the
> postgres user account when it deletes the service, since the installer
> created that account in the first place.

deleting the postgres-windows-account is not really what someone
should wish for. As the files of that account (i.E. the
database-files) are tightly coupled with the account on Windows.

Just for reference:

postgres windows account may be killed and password-changed via
administration, computer, users and groups

or:

- to remove (be warned that when using windows crypted filesystems
this may be a real bad thing to do, and without them I would not
recommend it)
net user postgres /delete

- to change password
net user postgres NewPassWord98uL

best wishes

Harald



--=20
GHUM Harald Massa
persuadere et programmare
Harald Armin Massa
Spielberger Stra=DFe 49
70435 Stuttgart
0173/9409607
no fx, no carrier pigeon
-
EuroPython 2009 will take place in Birmingham - Stay tuned!

Re: BUG #4646: Default password is patently absurd

От
John R Pierce
Дата:
Harald Armin Massa wrote:
> John,
>
>
>> the postgres windows uninstaller probably should be offering to delete the
>> postgres user account when it deletes the service, since the installer
>> created that account in the first place.
>>
>
> deleting the postgres-windows-account is not really what someone
> should wish for. As the files of that account (i.E. the
> database-files) are tightly coupled with the account on Windows.
>


you're right, I didn't think that through.

I suppose the installer, when faced with an existing postgres account
from a previous installation, could offer to reset its password.   of
course, if there was more than one postgres instance running in
different directories and different services using this same account,
that would complicate things too.    ugh


I've several times had to talk people through how to manually set an
account password and the service password to match.    this sort of
thing is beyond the typical windows user's experience.   Note, btw, the
service password can be reset on win2000 and newer systems with

    C:\> sc config pgsql-8.3 password= newservicepassword
    C:\> sc qc pgsql-8.3
    [SC] GetServiceConfig SUCCESS

    SERVICE_NAME: pgsql-8.3
            TYPE               : 10  WIN32_OWN_PROCESS
            START_TYPE         : 2   AUTO_START
            ERROR_CONTROL      : 1   NORMAL
            BINARY_PATH_NAME   : D:\postgres\8.3\bin\pg_ctl.exe
runservice -w -N "pgsql-8.3" -D "D:\postgres\8.3\data\"
            LOAD_ORDER_GROUP   :
            TAG                : 0
            DISPLAY_NAME       : PostgreSQL Database Server 8.3
            DEPENDENCIES       :
            SERVICE_START_NAME : .\postgres


[note the use of whitespace has to be exactly as given]