| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | abcxiaod(at)126(dot)com, PostgreSQL mailing lists <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: BUG #16447: The query field of the pg_stat_activity table displays the clear text of the password. |
| Date: | 2020-05-18 09:43:52 |
| Message-ID: | CABUevEz3rSA8OvNfO1uy1OxXJ+fm4brfBFqaWu4bJcr8W8CxNg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Mon, May 18, 2020 at 11:41 AM PG Bug reporting form <
noreply(at)postgresql(dot)org> wrote:
> The following bug has been logged on the website:
>
> Bug reference: 16447
> Logged by: yi Ding
> Email address: abcxiaod(at)126(dot)com
> PostgreSQL version: 10.12
> Operating system: linux
> Description:
>
> When the administrator create a user and set the password, we can see the
> password in the pg_stat_activity table.
>
>
Not when the administrator uses the suggested method for setting passwords.
You can use \passwd in psql or use the createuser command to avoid that.
This is clearly documented on the CREATE ROLE documentation page in the
Notes section (https://www.postgresql.org/docs/12/sql-createrole.html)
--
Magnus Hagander
Me: https://www.hagander.net/ <http://www.hagander.net/>
Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2020-05-18 09:45:13 | Re: BUG #16449: Log file and the query field of the pg_stat_statements table display clear text password. |
| Previous Message | PG Bug reporting form | 2020-05-18 09:17:36 | BUG #16451: .psql_history file shows clear text password. |