| From: | Rafal Pietrak <rafal(at)zorro(dot)isa-geek(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: ALTER USER ..... PASSWORD .... |
| Date: | 2006-06-06 15:23:35 |
| Message-ID: | 1149607417.22835.20.camel@model.home.waw.pl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
The point is, it hangs around: in backup 'tapes' to begin with.
And if it's the case of postmaster history, there may be lots of other
people passwords to find. (So I generaly disable postmaster
psql_history, but that's a nuicence).
But as I said, it's a sort of a nuicence, not really an issue.
Obviously, psql is not a place for any extensive command filtering. But
this touches security and I would be willing to have an exception here.
Still, that's just my 2c.
Regards,
-R
On Tue, 2006-06-06 at 10:07 -0400, Tom Lane wrote:
> Rafal Pietrak <rafal(at)zorro(dot)isa-geek(dot)com> writes:
> > psql clinet tool loggs issued commands into ~/.psql_history, which is
> > VERY usefull. I exercise grep-ing the file extensively.
>
> > But when it comes to command like "ALTER/CREATE USER ... PASSWORD" I'd
> > rather have it NOT logged.
>
> The history file is only readable by yourself, so I see no problem.
> Personally I *don't* want psql editorializing on what it saves there.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: Don't 'kill -9' the postmaster
--
-R
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Carlos Oliva | 2006-06-06 16:27:33 | Re: Backwards index scan |
| Previous Message | Alan Hodgson | 2006-06-06 15:04:45 | Re: Backwards index scan |