rlm_sql_postgresql: db password appears in plaintext in logs

L. Rose lists at lrose.de
Tue Jan 7 16:31:59 CET 2020


Hello everyone,

I'm not sure if this is a bug or a misconfiguration on our site. When 
running freeradius -X, the database password of our postgresql database 
appears in plaintext on the console:

rlm_sql_postgresql: Connecting using parameters: dbname='radiusdb' 
host='127.0.0.1' port=1337 user='radiususer' password='example'

Of course, the values for dbname, host, port, user and password are not 
the real values, but the real values appear in the debug output. I 
thought that freeradius -X should not print any confidential 
information? Or is this a feature?

Thanks in advance,
L. Rose



More information about the Freeradius-Users mailing list