| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Abhishek Chanda <abhishek(dot)becs(at)gmail(dot)com>, Álvaro Herrera <alvherre(at)alvh(dot)no-ip(dot)org> |
| Subject: | Re: Adding support for SSLKEYLOGFILE in the frontend |
| Date: | 2025-04-09 18:45:06 |
| Message-ID: | C0C63BE4-E9EC-4B78-92F8-A5C72E686375@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 9 Apr 2025, at 20:41, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> wrote:
>
> Hello,
>
> On Thu, Apr 3, 2025 at 8:51 AM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>> Committed, after another round of testing and looking.
>
> I think we may want to consider marking sslkeylogfile as a debug
> option (that is, opt->dispchar = "D") in fe-connect.c. Besides being a
> true "debug option", this would also prevent a relatively unprivileged
> user of postgres_fdw or dblink from logging the backend connection's
> keys. WDYT?
I think that sounds like a good idea, unless anyone thinks otherwise I'll go
ahead and make it so.
--
Daniel Gustafsson
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2025-04-09 18:49:07 | Re: n_ins_since_vacuum stats for aborted transactions |
| Previous Message | Jacob Champion | 2025-04-09 18:41:39 | Re: Adding support for SSLKEYLOGFILE in the frontend |