On 10/29/14, 2:33 PM, Tom Lane wrote:
> Capture the postmaster log.  Keep on capturing it till somebody
> fat-fingers their login to the extent of swapping the username and
> password (yeah, I've done that, haven't you?).

Which begs the question: why on earth do we log passwords at all? This is a 
problem for ALTER ROLE too.

Perhaps it would make sense if we had a dedicated security log this stuff went 
into, but if you're running something like pgBadger/pgFouine you're going to be 
copying logfiles off somewhere else and now you've got a security problem.

Let alone if you're using syslog...
--
Jim Nasby, Data Architect, Blue Treble Consulting
Data in Trouble? Get it in Treble! http://BlueTreble.com


--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)