The point is, it hangs around: in backup 'tapes' to begin with.
And if it's the case of postmaster history, there may be lots of other
people passwords to find. (So I generaly disable postmaster
psql_history, but that's a nuicence).
But as I said, it's a sort of a nuicence, not really an issue.
Obviously, psql is not a place for any extensive command filtering. But
this touches security and I would be willing to have an exception here.
Still, that's just my 2c.
Regards,
-R
On Tue, 2006-06-06 at 10:07 -0400, Tom Lane wrote:
> Rafal Pietrak <rafal@zorro.isa-geek.com> writes:
> > psql clinet tool loggs issued commands into ~/.psql_history, which is
> > VERY usefull. I exercise grep-ing the file extensively.
>
> > But when it comes to command like "ALTER/CREATE USER ... PASSWORD" I'd
> > rather have it NOT logged.
>
> The history file is only readable by yourself, so I see no problem.
> Personally I *don't* want psql editorializing on what it saves there.
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: Don't 'kill -9' the postmaster
--
-R
