Home > mailing lists

Re: redacting password in SQL statement in server log - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: redacting password in SQL statement in server log
Date	July 24, 2022 03:27:37
Msg-id	1250706.1658622457@sss.pgh.pa.us Whole thread Raw
In response to	redacting password in SQL statement in server log (Zhihong Yu <zyu@yugabyte.com>)
Responses	Re: redacting password in SQL statement in server log Re: redacting password in SQL statement in server log
List	pgsql-hackers

Tree view

Zhihong Yu <zyu@yugabyte.com> writes:
> Currently, in situation such as duplicate role creation, the server log
> would show something such as the following:

> 2022-07-22 13:48:18.251 UTC [330] STATEMENT:  CREATE ROLE test WITH LOGIN
> PASSWORD 'foobar';

> The password itself should be redacted before logging the statement.

This has been proposed multiple times, and rejected multiple times,
primarily because it offers only false security: you'll never cover
all the cases.  (The proposed patch manages to create a bunch of
false positives to go along with its false negatives, too.)

The only safe answer is to be sure to keep the server log contents
secure.  Please see prior discussions in the archives.

            regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 24 July 2022, 03:23:06
Subject: Re: Cleaning up historical portability baggage

From: Zhihong Yu
Date: 24 July 2022, 04:27:59
Subject: Re: redacting password in SQL statement in server log

Re: redacting password in SQL statement in server log - Mailing list pgsql-hackers

Previous

Next