Re: Adding support for SSLKEYLOGFILE in the frontend

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: Peter Eisentraut <peter(at)eisentraut(dot)org>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, Abhishek Chanda <abhishek(dot)becs(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Adding support for SSLKEYLOGFILE in the frontend
Date: 2025-03-16 13:48:58
Message-ID: 7DE45B6B-5FE8-436F-8C34-5DC5ED7F0646@yesql.se
Lists: pgsql-hackers

> On 14 Mar 2025, at 15:27, Peter Eisentraut <peter(at)eisentraut(dot)org> wrote:
>
> On 13.03.25 19:31, Tom Lane wrote:
>> Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> writes:
>>> Adding the PG prefix to the envvar name addresses my collision
>>> concern, but I think Tom's comment upthread [1] was saying that we
>>> should not provide any envvar at all:
>>>> I think it might be safer if we only accepted it as a connection
>>>> parameter and not via an environment variable.
>>> Is the addition of the PG prefix enough to address that concern too?
>> Indeed, I was advocating for *no* environment variable. The PG prefix
>> does not comfort me.
>
> It seems to me that the environment variable would be the most useful way to use this feature, for example if you want to debug an existing program that you can't or don't want to change.
>
> As was mentioned earlier, libcurl uses an environment variable for this. Moreover, the format originated in the NSS library, which also uses an environment variable.
>
> So we are here constructing a higher level of security that others don't seem to have found the need for.

IIRC the reasoning has been that if a rogue user can inject an environment
variable into your session and read your files it's probably game over anyways.

> It's also possible that we should consider the SSLKEYLOGFILE environment variable some kind of quasi-standard like PAGER, and we should be using exactly that environment variable name like everyone else.

If we would use the same as others, it would make it harder to do fine-grained
debugging of a session.

--
Daniel Gustafsson
