Don Seiler <don@seiler.us> writes:
> On Wed, Oct 11, 2017 at 9:48 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> This is why psql has provisions for encrypting a new password on the
>> client side --- see \password.
> That's nice to have that option, but why even make it an option? If this
> is a dead horse that was finished being beaten years ago, my apologies.
Yes, people have complained about this before, but they're asking for
an impossibility, which is for necessarily-pretty-dumb logging code
to decide which parts of SQL commands somebody might think are sensitive.
I don't intend to spend much time arguing about this, because you can find
previous discussions in the PG archives if you're so inclined. But I do
remember one simple counterexample: if you fat-finger the command syntax,
say
ALTER YSER joe PASSWORD 'notsosecret'
would you still expect the logging code to figure out that it should
suppress the password?
regards, tom lane
--
Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin