The point is, it hangs around: in backup 'tapes' to begin with. And if it's the case of postmaster history, there may be lots of other people passwords to find. (So I generaly disable postmaster psql_history, but that's a nuicence). But as I said, it's a sort of a nuicence, not really an issue. Obviously, psql is not a place for any extensive command filtering. But this touches security and I would be willing to have an exception here. Still, that's just my 2c. Regards, -R On Tue, 2006-06-06 at 10:07 -0400, Tom Lane wrote: > Rafal Pietrak <rafal@xxxxxxxxxxxxxxxxxx> writes: > > psql clinet tool loggs issued commands into ~/.psql_history, which is > > VERY usefull. I exercise grep-ing the file extensively. > > > But when it comes to command like "ALTER/CREATE USER ... PASSWORD" I'd > > rather have it NOT logged. > > The history file is only readable by yourself, so I see no problem. > Personally I *don't* want psql editorializing on what it saves there. > > regards, tom lane > > ---------------------------(end of broadcast)--------------------------- > TIP 2: Don't 'kill -9' the postmaster -- -R
