Adrian Klaver <adrian.klaver@xxxxxxxxxxx> writes: > On 03/13/2017 08:52 AM, Tom Lane wrote: >> If by "history" you're worried about the server-side statement log, this >> is merest fantasy: the createuser program is not magic, it just constructs >> and sends a CREATE USER command for you. You'd actually be more secure >> using psql, where (if you're superuser) you could shut off log_statement >> for your session first. > There is a difference though: > psql> CREATE USER: > postgres-2017-03-13 09:03:27.147 PDT-0LOG: statement: create user > dummy_user with login password '1234'; Well, what you're supposed to do is postgres=# create user dummy_user; postgres=# \password dummy_user Enter new password: Enter it again: postgres=# which will result in sending something like ALTER USER dummy_user PASSWORD 'md5c5e9567bc40082671d02c654260e0e09' You can additionally protect that by wrapping it into one transaction (if you have a setup where the momentary existence of the role without a password would be problematic) and/or shutting off logging beforehand. regards, tom lane -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
