Mark ssl_passphrase_command as GUC_SUPERUSER_ONLY. This commit changes the GUC ssl_passphrase_command so that it's examinable by only superuser and a member of pg_read_all_settings. Per discussion, we determined to do this because the parameter may contain a sensitive informtaion like a passphrase itself.
Author: Insung Moon Reviewed-by: Keisuke Kuroda Discussion: https://postgr.es/m/caemmqbuhvgayc+qkykgx3gwsdqwtaqgw+0dyn3whcx-ena2...@mail.gmail.com Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/d9249441efc5b4adc5b1a71f3d16538c68e198fc Modified Files -------------- src/backend/utils/misc/guc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
