Just wondering,
psql clinet tool loggs issued commands into ~/.psql_history, which is
VERY usefull. I exercise grep-ing the file extensively.
But when it comes to command like "ALTER/CREATE USER ... PASSWORD" I'd
rather have it NOT logged.
This is not a major issue, since there are workarounds - temporary
switching the logging off, etc. Still one have to keep thinking of that
and I have forgot occasionally, still there might be admins which don't
really care.
The implementation should be fairly simple for psql author (I guess :),
but I myself am not up to knowing if it really is. The problem looks
simple: psql-tool should filter away 'sensitive' sql-commands, before
putting them into the log? But the implementation is not so trivial,
since it should take into account not filtering: "ALTER TABLE 'user' add
column password text" and other such similarities, which should actually
be logged.
Comments?
--
-R