Re: [PATCH] Include application_name in "connection authorized" log message

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Andres Freund <andres(at)anarazel(dot)de>
Cc: Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, Don Seiler <don(at)seiler(dot)us>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject: Re: [PATCH] Include application_name in "connection authorized" log message
Date: 2018-09-27 21:55:56
Message-ID: 20180927215556.GV4184@tamriel.snowman.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Greetings,

* Andres Freund (andres(at)anarazel(dot)de) wrote:
> On 2018-09-27 17:41:56 -0400, Stephen Frost wrote:
> > Of course, if I'm missing something as to why the ascii-cleaning makes
> > sense or is necessary, I'm all ears, but I'm just not seeing it.
>
> There's many reasons. For example you can send terminal control
> characters to the server. When somebody then looks at the log, you can
> screw with them pretty good, unless they're always careful to go through
> less (without -r). We should be *more* not *less* careful about this
> kind of hting.

I seriously doubt we're going to start stripping usernames down to ASCII
for them to be displayed in the log file.

I'll put it down to this then- we aren't changing things with this
patch in that regard, and the function needs to be available in both
places and I don't think including guc.h into postmaster.c is a good
idea.

I'll add a comment that hackers should try to avoid using the function,
and that we should really try to do better here but it's unclear how to
do so without inviting problems, along with your comment above regarding
the kinds of problems we could run into.

Thanks!

Stephen

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2018-09-27 21:59:01 Re: [PATCH] Include application_name in "connection authorized" log message
Previous Message Jimmy Yih 2018-09-27 21:48:42 Obtaining a more consistent view definition when a UNION subquery contains undecorated constants