Home > mailing lists

Re: Row data is reflected in DETAIL message when constraints fail oninsert/update - Mailing list pgsql-general

From	Ravi Krishna
Subject	Re: Row data is reflected in DETAIL message when constraints fail oninsert/update
Date	June 20, 2019 19:42:16
Msg-id	9B4574FD-05FA-40CE-A5DB-3820B4E73C75@mail.com Whole thread Raw
In response to	Re: Row data is reflected in DETAIL message when constraints fail on insert/update (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-general

Tree view

> More generally: I find this complaint a little confusing.  We did not
> consider reporting the "show row contents" DETAIL to the client to be a
> security hazard when it was added, because one would think that that's
> just data that the client already knows anyway.  I'd be interested to see
> a plausible use-case in which the message would reflect PII that had not
> been supplied by or available to the client.

I had the same issue in pgaudit which was spilling PHI data in PG logs which we
were feeding to sumologic.  I had to write a python masking program to strip out
literal values from the PG log.

pgsql-general by date:

From: Tom Lane
Date: 20 June 2019, 19:27:42
Subject: Re: Row data is reflected in DETAIL message when constraints fail on insert/update

From: Adrian Klaver
Date: 20 June 2019, 20:09:43
Subject: Re: Detaching multiple partitions in 1 ALTER TABLE statement

Re: Row data is reflected in DETAIL message when constraints fail oninsert/update - Mailing list pgsql-general

Previous

Next