Re: ALTER USER ..... PASSWORD .... - Mailing list pgsql-general

From Rafal Pietrak
Subject Re: ALTER USER ..... PASSWORD ....
Date
Msg-id 1149607417.22835.20.camel@model.home.waw.pl
Whole thread Raw
In response to Re: ALTER USER ..... PASSWORD ....  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-general
The point is, it hangs around: in backup 'tapes' to begin with.

And if it's the case of postmaster history, there may be lots of other
people passwords to find. (So I generaly disable postmaster
psql_history, but that's a nuicence).

But as I said, it's a sort of a nuicence, not really an issue.

Obviously, psql is not a place for any extensive command filtering. But
this touches security and I would be willing to have an exception here.

Still, that's just my 2c.

Regards,

-R

On Tue, 2006-06-06 at 10:07 -0400, Tom Lane wrote:
> Rafal Pietrak <rafal@zorro.isa-geek.com> writes:
> > psql clinet tool loggs issued commands into ~/.psql_history, which is
> > VERY usefull. I exercise grep-ing the file extensively.
>
> > But when it comes to command like "ALTER/CREATE USER ... PASSWORD" I'd
> > rather have it NOT logged.
>
> The history file is only readable by yourself, so I see no problem.
> Personally I *don't* want psql editorializing on what it saves there.
>
>             regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: Don't 'kill -9' the postmaster
--
-R

pgsql-general by date:

Previous
From: Alan Hodgson
Date:
Subject: Re: Backwards index scan
Next
From: "Carlos Oliva"
Date:
Subject: Re: Backwards index scan