Quick Links

Re: Redact user password on pg_stat_statements

From:	Greg Sabino Mullane <htamfids(at)gmail(dot)com>
To:	Matheus Alcantara <matheusssilv97(at)gmail(dot)com>
Cc:	PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject:	Re: Redact user password on pg_stat_statements
Date:	2025-02-21 15:48:28
Message-ID:	CAKAnmmLKZsjQFekJs==NiJLrsN-K7f+L9A1Bkrn=W4HE4OyYOg@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

The idea and the patch looks good to me at first glance, +1.

I'm wondering what else we can do to discourage this pattern, however.
There are more secure ways to set/change a password, but we keep seeing
plain text pop up in various contexts. Maybe a strong warning+hint when
someone uses these commands? A future GUC to disable it by default?

Cheers,
Greg

--
Crunchy Data - https://www.crunchydata.com
Enterprise Postgres Software Products & Tech Support

In response to

Redact user password on pg_stat_statements at 2025-02-21 15:33:15 from Matheus Alcantara

Responses

Re: Redact user password on pg_stat_statements at 2025-02-21 16:25:21 from Tom Lane

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Andres Freund	2025-02-21 15:50:14	Re: TAP test started using meson, can get a tcp port already used by another test.
Previous Message	Matheus Alcantara	2025-02-21 15:33:15	Redact user password on pg_stat_statements