Greetings,
* Andres Freund (andres@anarazel.de) wrote:
> On 2018-09-27 17:41:56 -0400, Stephen Frost wrote:
> > Of course, if I'm missing something as to why the ascii-cleaning makes
> > sense or is necessary, I'm all ears, but I'm just not seeing it.
>
> There's many reasons. For example you can send terminal control
> characters to the server. When somebody then looks at the log, you can
> screw with them pretty good, unless they're always careful to go through
> less (without -r). We should be *more* not *less* careful about this
> kind of hting.
I seriously doubt we're going to start stripping usernames down to ASCII
for them to be displayed in the log file.
I'll put it down to this then- we aren't changing things with this
patch in that regard, and the function needs to be available in both
places and I don't think including guc.h into postmaster.c is a good
idea.
I'll add a comment that hackers should try to avoid using the function,
and that we should really try to do better here but it's unclear how to
do so without inviting problems, along with your comment above regarding
the kinds of problems we could run into.
Thanks!
Stephen
