Home > mailing lists

Re: Redact user password on pg_stat_statements - Mailing list pgsql-hackers

From	Greg Sabino Mullane
Subject	Re: Redact user password on pg_stat_statements
Date	February 21 18:48:28
Msg-id	CAKAnmmLKZsjQFekJs==NiJLrsN-K7f+L9A1Bkrn=W4HE4OyYOg@mail.gmail.com Whole thread Raw
In response to	Redact user password on pg_stat_statements (Matheus Alcantara <matheusssilv97@gmail.com>)
Responses	Re: Redact user password on pg_stat_statements
List	pgsql-hackers

Tree view

The idea and the patch looks good to me at first glance, +1.

I'm wondering what else we can do to discourage this pattern, however. There are more secure ways to set/change a password, but we keep seeing plain text pop up in various contexts. Maybe a strong warning+hint when someone uses these commands? A future GUC to disable it by default?

Cheers,

Greg

--
Crunchy Data - https://www.crunchydata.com
Enterprise Postgres Software Products & Tech Support

pgsql-hackers by date:

From: Matheus Alcantara
Date: 21 February, 18:33:15
Subject: Redact user password on pg_stat_statements

From: Andres Freund
Date: 21 February, 18:50:14
Subject: Re: TAP test started using meson, can get a tcp port already used by another test.

Re: Redact user password on pg_stat_statements - Mailing list pgsql-hackers

Previous

Next