Re: Add a warning message when using unencrypted passwords

On 09/12/2024 15:58, Guillaume Lelarge wrote:
> Hi,
>
> Le lun. 9 déc. 2024 à 14:40, Daniel Gustafsson <daniel(at)yesql(dot)se
> <mailto:daniel(at)yesql(dot)se>> a écrit :
>
> > On 9 Dec 2024, at 14:26, Greg Sabino Mullane <htamfids(at)gmail(dot)com
> <mailto:htamfids(at)gmail(dot)com>> wrote:
>
> > -1 to throwing an ERROR - that's not really an error, and not our
> call to make, so a WARNING is sufficient.
>
> Agreed, regardless of how bad it's considered, it's not an error.
> There are
> many ways sensitive data can end up in the logs and offering the
> impression
> there is a safety switch offers a false sense of security.
>
>
> I'm fine with adding a test on whether or not we log statements. But
> that completely hides the fact that people listening on the network
> could also get to the password if the server doesn't use SSL. Isn't it
> weird to warn about one potential leak and not the other one?
>

Here is patch v2. The only addition is a check to warn the user only if
the query has been logged:

(log_statement == LOGSTMT_ALL || log_statement == LOGSTMT_DDL ||
log_min_duration_statement > -1)

v2 is attached.

Regards.

--
Guillaume Lelarge
Consultant
https://dalibo.com