Re: Hiding a GUC from SQL - Mailing list pgsql-general

From Tom Lane
Subject Re: Hiding a GUC from SQL
Date
Msg-id 1513794.1592434525@sss.pgh.pa.us
Whole thread Raw
In response to Hiding a GUC from SQL  (Michel Pelletier <pelletier.michel@gmail.com>)
Responses Re: Hiding a GUC from SQL
List pgsql-general
Michel Pelletier <pelletier.michel@gmail.com> writes:
> In my extension pgsodium I'm defining a custom variable at startup to store
> a key:

> https://github.com/michelp/pgsodium/blob/master/src/pgsodium.c#L1107

> I'm using the flags GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | GUC_NOT_IN_SAMPLE
> | GUC_DISALLOW_IN_FILE, and a custom "no show" show hook that obscures the
> value.  This idea was inspired from the pgcryptokey module from Bruce
> Momjian.

I guess I'm wondering why you're making it a GUC at all, if you don't
want any of the GUC facilities to apply.

As far as I can think at the moment, putting in a no-op show hook
is sufficient to prevent the value from being seen at the SQL level.
However, it's far from clear that doing that isn't going to have
negative side-effects; it'll possibly also break other things like
GUC save/restore (eg rolling back when a transaction fails).

It seems like if you want to be this paranoid, you'd be better off
not exposing the variable to the GUC machinery in the first place.
You could use a custom set-function (like setseed) to replace the one
bit of functionality you do want.

            regards, tom lane



pgsql-general by date:

Previous
From: Michel Pelletier
Date:
Subject: Hiding a GUC from SQL
Next
From: prachi surangalikar
Date:
Subject: i am getting issue as FATAL: password authentication failed for user' postgres' tried