Search Postgresql Archives

Re: Roles with passwords; SET ROLE ... WITH PASSWORD ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Craig Ringer <craig@xxxxxxxxxxxxxxxxxxxxx> writes:
> On 2/12/2009 11:04 PM, Tom Lane wrote:
>> Seems like it would have all the standard problems with cleartext
>> passwords being exposed in pg_stat_activity, system logs, etc.

> Yeah, I was a bit concerned about that, but it can be worked around with 
> careful use of parameterised queries (depending, admittedly, on client 
> library/driver).

No, not really, because we don't support parameters in utility commands.
Even if we did, parameter values get logged, so the leak to the
postmaster log is still there.

			regards, tom lane

-- 
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux