Re: Passwords in clear text in server log

"We have heard many times from people who don't have enough insight, or
enough debug support client-side, to know exactly what queries their
apps are issuing. Disabling query logging would be a horrible setback
for debuggability of such apps. How many times have you said "consult
the postmaster log to find out what's going on"?"

I completely agree. There are many cases, not just edge cases, where this has been vital to isolate and resolve issues.

________________________________
From: pgsql-admin-owner(at)postgresql(dot)org <pgsql-admin-owner(at)postgresql(dot)org> on behalf of Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Sent: Wednesday, October 11, 2017 4:01:10 PM
To: Ervin Weber
Cc: Alvaro Herrera; Don Seiler; pgsql-admin
Subject: Re: [ADMIN] Passwords in clear text in server log

Ervin Weber <webervin(at)gmail(dot)com> writes:
> Alvaro Herrera wrote:
>> Actually, I do wonder why we log statements that fail to parse. Surely
>> the client ought to know that it failed, but what is the value of
>> additionally storing the query in the server log?

> To debug clients who claim it is working on their end, but data does not change.

We have heard many times from people who don't have enough insight, or
enough debug support client-side, to know exactly what queries their
apps are issuing. Disabling query logging would be a horrible setback
for debuggability of such apps. How many times have you said "consult
the postmaster log to find out what's going on"?

regards, tom lane

--
Sent via pgsql-admin mailing list (pgsql-admin(at)postgresql(dot)org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin