Search Postgresql Archives

Re: Row data is reflected in DETAIL message when constraints fail on insert/update

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Karsten,

>>  In other words, this isn't about verbosity, but about sensitive data. It
>> seems like a specific knob for sensitive information may be required, which
>> would be off by default and would potentially affect other fields as well
>> (if relevant).
>
> A specifig knob for "sensitive data" cannot be supplied by
> PostgreSQL because it cannot know beforehand what information
> will be considered sensitive under a given, future, usage
> scenario.

It seems generally agreed that all data from the database should be considered potentially sensitive and should therefore not be leaked in log messages - unless an explicit, informed opt-in is done. It is extremely easy to imagine a (poorly-written) UI or web application which simply surfaces database exceptions, allowing attackers to potentially extract data from the database. In the worst case, passwords and other auth information may get exposed in this way, but even any sort of personal information is a big problem.

It seems worth at least having a conversation about it...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux