On 6/19/19 8:56 PM, William Denton wrote:
When inserting up updating a row with not null constraints that are not
satisfied, postgres reflects the values in the row in the error DETAIL.
postgres=# create database test;
CREATE DATABASE
postgres=# \c test;
psql (11.1 (Debian 11.1-3.pgdg90+1), server 11.2)
You are now connected to database "test" as user "postgres".
test=# create table person (firstname text not null, lastname text not
null, email text not null);
CREATE TABLE
test=# insert into person values ('william', 'denton', null);
ERROR: null value in column "email" violates not-null constraint
DETAIL: Failing row contains (william, denton, null).
test=# insert into person values ('william', 'denton',
'email@xxxxxxxxxxx <mailto:email@xxxxxxxxxxx>');
INSERT 0 1
test=# update person set email = null;
ERROR: null value in column "email" violates not-null constraint
DETAIL: Failing row contains (william, denton, null).
test=#
Is there a setting where i can disable the DETAIL field being populated
with row data?
See:
https://www.postgresql.org/docs/11/runtime-config-logging.html#RUNTIME-CONFIG-LOGGING-WHAT
log_error_verbosity
Currently sensitive data (PII in the case illustrated above) is being
leaked by the database engine and relayed up into my application where
is finds its way into application logs.
I have also opened a github issue with Npgsql to see if its possible to
suppress this DETAIL field in exceptions, but it seems this is an issue
that all DB drivers/clients will face.
https://github.com/npgsql/npgsql/issues/2501
Being able to reflect out the data on a row without doing a select may
be a security issue as well.
Thank you!
--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx