Re: Passwords in clear text in server log

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Don Seiler <don(at)seiler(dot)us>
Cc: pgsql-admin <pgsql-admin(at)postgresql(dot)org>
Subject: Re: Passwords in clear text in server log
Date: 2017-10-11 14:48:33
Message-ID: 9072.1507733313@sss.pgh.pa.us
Lists: pgsql-admin

Don Seiler <don(at)seiler(dot)us> writes:
> When I run a CREATE USER or ALTER USER statement and set a password for a
> user, that statement gets printed to the server log, along with the
> password, IN CLEAR TEXT.

This is why psql has provisions for encrypting a new password on the
client side --- see \password.

More generally, almost any SQL command might contain data that somebody
thinks is sensitive for some purpose or other. If you're going to log
commands, it behooves you to make sure the log is not widely readable.

regards, tom lane
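
What client-side hashing achieves, as an added sketch that is not part of the original message and is not psql's own code: the password is turned into a stored verifier (the legacy md5 format or the SCRAM-SHA-256 format) before any SQL is built, so the statement the server logs never contains the clear text. Function names, the role name and the sample password are constructed for illustration; the SCRAM path assumes an ASCII password, so SASLprep normalization is skipped.

```python
import base64
import hashlib
import hmac
import os


def md5_verifier(role: str, password: str) -> str:
    # Legacy format: "md5" + hex(md5(password || role name)).
    return "md5" + hashlib.md5((password + role).encode()).hexdigest()


def scram_verifier(password: str, salt: bytes = b"", iterations: int = 4096) -> str:
    # Format: SCRAM-SHA-256$<iterations>:<salt>$<StoredKey>:<ServerKey>
    # Assumption: ASCII password, so SASLprep would leave it unchanged.
    salt = salt or os.urandom(16)
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    stored_key = hashlib.sha256(client_key).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()

    def b64(raw: bytes) -> str:
        return base64.b64encode(raw).decode()

    return (f"SCRAM-SHA-256${iterations}:{b64(salt)}"
            f"${b64(stored_key)}:{b64(server_key)}")


def alter_role_sql(role: str, verifier: str) -> str:
    # Quote the identifier and the literal; only the verifier is embedded.
    ident = '"' + role.replace('"', '""') + '"'
    literal = "'" + verifier.replace("'", "''") + "'"
    return f"ALTER ROLE {ident} PASSWORD {literal};"


if __name__ == "__main__":
    role, password = "app_user", "s3cret-constructed"  # constructed sample values
    for verifier in (md5_verifier(role, password), scram_verifier(password)):
        statement = alter_role_sql(role, verifier)
        assert password not in statement  # this is what the server log would show
        print(statement)
```

The verifier still ends up in the log and is itself sensitive (under md5 authentication the stored hash is enough to log in), so the advice about keeping the log from being widely readable applies either way.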
