Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Actually, your Postgres credentials still work. I am currently able to connect to the database and I can still view people in the role I grabbed.

I'm not sure how to validate that this is still timely, though... oh, I created a table:

public | hacker_news_1342216769 | table | ruwdncbzdkulsh

With the current timestamp. So, if you changed anything, it hasn't actually taken effect in the part that matters -- the exposed database.



thanks xb95, it took a minute to take effect, but issue is now fixed.


As of right now, 3:16 PM PDT, I can still connect to (one of) your Postgres databases.

    # psql --host=ec2-23-21-85-231.compute-1.amazonaws.com --port=5432 -U ruwdncbzdkulsh dc6jnvg2ce8qim
    Password for user ruwdncbzdkulsh: 
    psql (9.1.4)
    SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
    Type "help" for help.
    
    dc6jnvg2ce8qim=> SELECT NOW();
                  now              
    -------------------------------
     2012-07-13 22:17:51.821052+00
    (1 row)


Hi Xb95, we first removed the heroku add-on and thought that it would automatically destroy the database, but that turned out not to be the case. So what we did to fix the issue was purge all of the tables from the database. Now the credentials still work, but they reach an empty database without any content. We're working on revoking the access token for all affected users right now. Thanks for helping us through this.


I have confirmed that there is no longer any data in the database I can connect to. Thank you for taking care of this.


/xb95 rides off into the sunset.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: