Tom Lane wrote:
I notice that the pg_stat_statements patch is applying pg_mbcliplen()
to query strings, in the fond illusion that it knows what encoding
they are in.
This brings up a bigger issue, namely that pg_stat_activity isn't
exactly encoding-proof either --- whatever encoding is in use in a
particular database is what query strings from backends in that database
will be stored in. Readers in another database will be exposed to
strings that probably aren't encoded correctly for their DB.
We could attack this by including source database's encoding in the
shared-memory entries, and performing a conversion on the fly when
reading out the data. However, what happens if the conversion fails?
Seems like this provides a way for users to hide their queries from
the DBA ... just include a comment with some characters that are
untranslatable.
The DBA could always connect to the same database to see the query in
its original form, so I don't think it provides a very useful way to
hide queries.
The most useful behavior would be to replace the untranslatable
characters with "?". I'm not sure how invasive the changes to the
conversion functions would be to support that.
--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers