Hi all,
I should have noticed that before, but it happens that pg_stat_ssl
leaks information about the SSL status of all the users connected to a
server. Let's imagine for example:
1) Session 1 connected through SSL with a superuser:
=# create role toto login;
CREATE ROLE
=# select * from pg_stat_ssl;
pid | ssl | version | cipher | bits |
compression | clientdn
-------+-----+---------+-----------------------------+------+-------------+----------
33348 | t | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | 256 | t |
(1 row)
2) New session 2 with previously created user:
=> select * from pg_stat_ssl;
pid | ssl | version | cipher | bits |
compression | clientdn
-------+-----+---------+-----------------------------+------+-------------+----------
33348 | t | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | 256 | t |
33367 | t | TLSv1.2 | ECDHE-RSA-AES256-GCM-SHA384 | 256 | t |
(2 rows)
Attached is a patch to mask those values to users that should not have
access to it, similarly to the other fields of pg_stat_activity.
Regards,
--
Michael