Re: redacting password in SQL statement in server log

From: Zhihong Yu <zyu(at)yugabyte(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: PostgreSQL Developers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: redacting password in SQL statement in server log
Date: 2022-07-24 01:27:59
Message-ID: CALNJ-vQ570o3rMegwiEw80d0cB26ReCAs==zcFb+AuFHczH3QQ@mail.gmail.com
Lists: pgsql-hackers

On Sat, Jul 23, 2022 at 5:27 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:

> Zhihong Yu <zyu(at)yugabyte(dot)com> writes:
> > Currently, in situation such as duplicate role creation, the server log
> > would show something such as the following:
>
> > 2022-07-22 13:48:18.251 UTC [330] STATEMENT: CREATE ROLE test WITH LOGIN
> > PASSWORD 'foobar';
>
> > The password itself should be redacted before logging the statement.
>
> This has been proposed multiple times, and rejected multiple times,
> primarily because it offers only false security: you'll never cover
> all the cases. (The proposed patch manages to create a bunch of
> false positives to go along with its false negatives, too.)
>
> The only safe answer is to be sure to keep the server log contents
> secure. Please see prior discussions in the archives.
>
> regards, tom lane
>

Pardon my laziness.

I will pay more attention.
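The false-negative / false-positive problem Tom describes is easy to see with a small experiment. The following is an added illustration, not code from this thread or from PostgreSQL: two hypothetical string-matching redactors of the kind a patch like this would add, run over a handful of constructed statements (the role names and secrets are dummies). The "improved" pattern closes some of the gaps the naive one leaves, but tagged dollar quoting, a comment between the keyword and the literal, and U& escape literals still leak, and both rewrite an ordinary INSERT that merely contains the word "password".

```python
import re

# Two string-matching redactors, constructed for illustration only. Neither is
# PostgreSQL's code; the statements below are made-up samples with dummy secrets.

# Naive: the single-quoted literal that follows the PASSWORD keyword.
NAIVE = re.compile(r"(PASSWORD\s+)'[^']*'", re.IGNORECASE)

# "Improved": also handles doubled quotes, E'' escape strings and untagged $$ quoting.
IMPROVED = re.compile(
    r"(PASSWORD\s+)"
    r"(?:E'(?:[^'\\]|\\.|'')*'"   # escape-string literal, backslash escapes allowed
    r"|'(?:[^']|'')*'"            # standard literal, '' is an escaped quote
    r"|\$\$.*?\$\$)",             # untagged dollar-quoted literal
    re.IGNORECASE | re.DOTALL,
)


def redact(stmt: str, pattern: re.Pattern = NAIVE) -> str:
    """Replace whatever the pattern takes to be the password literal with a placeholder."""
    return pattern.sub(r"\1'<redacted>'", stmt)


# (statement, token that must not survive redaction); None means no password present.
CASES = {
    "plain":         ("CREATE ROLE test WITH LOGIN PASSWORD 'foobar';", "foobar"),
    "doubled":       ("ALTER ROLE test PASSWORD 'o''secret';", "secret"),
    "escape_str":    ("CREATE ROLE test PASSWORD E'foo\\'secret';", "secret"),
    "dollar":        ("CREATE ROLE test PASSWORD $$secret$$;", "secret"),
    "tagged_dollar": ("CREATE ROLE test PASSWORD $p$secret$p$;", "secret"),
    "comment":       ("CREATE ROLE test PASSWORD /* rotate */ 'secret';", "secret"),
    "unicode_esc":   ("CREATE ROLE test PASSWORD U&'secret';", "secret"),
    "faq_row":       ("INSERT INTO faq (q) VALUES ('Forgot password ''hunter2''?');", None),
    "unrelated":     ("SELECT count(*) FROM pg_roles;", None),
}


def false_negatives(pattern: re.Pattern) -> list:
    """Names of cases in which the secret is still present after redaction."""
    return sorted(name for name, (stmt, secret) in CASES.items()
                  if secret is not None and secret in redact(stmt, pattern))


def false_positives(pattern: re.Pattern) -> list:
    """Names of cases in which a statement carrying no password was altered."""
    return sorted(name for name, (stmt, secret) in CASES.items()
                  if secret is None and redact(stmt, pattern) != stmt)


if __name__ == "__main__":
    for label, pattern in (("naive", NAIVE), ("improved", IMPROVED)):
        print(label, "misses:", false_negatives(pattern))
        print(label, "mangles:", false_positives(pattern))
```

Every gap closed in IMPROVED is one more rule in a parser that is not the real SQL lexer, and each remaining case is a full-length plaintext password written to the log with a false sense that it has been scrubbed; meanwhile the faq_row case shows the redactor corrupting an unrelated statement, which is exactly the kind of false positive the reply warns about.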
