On Mon, Dec 21, 2015 at 9:27 PM, Craig Ringer wrote:
> Right now the logs just have to be treated as security critical. Which
> sucks, but is not easily solved.
>
> Nothing is going to stop:
>
> ALTER USER fred PAWORD 'sekrit';
>
> from logging the password in a
On Sun, Dec 20, 2015 at 1:47 PM, Tom Lane wrote:
> The syntax you propose exposes the user's password in cleartext in
> the command, where it is likely to get captured in logs for example.
> That's not going to do.
Of course, right now, the ALTER USER ... PASSWORD command has
On 21 December 2015 at 22:57, Tom Lane wrote:
> Robert Haas writes:
> > On Sun, Dec 20, 2015 at 1:47 PM, Tom Lane wrote:
> >> The syntax you propose exposes the user's password in cleartext in
> >> the command, where it is likely
2015-12-21 17:57 GMT+03:00 Tom Lane :
> Robert Haas writes:
> > On Sun, Dec 20, 2015 at 1:47 PM, Tom Lane wrote:
> >> The syntax you propose exposes the user's password in cleartext in
> >> the command, where it is likely to get
Robert Haas writes:
> On Sun, Dec 20, 2015 at 1:47 PM, Tom Lane wrote:
>> The syntax you propose exposes the user's password in cleartext in
>> the command, where it is likely to get captured in logs for example.
>> That's not going to do.
> Of course,
Hackers,
There are feature which may be useful in conjunction with connection pools.
It is the ability to change the session user without creating the new
connection, like this:
(pseudo REPL):
notsuperuser > SELECT current_user, session_user;
notsuperuser notsuperuser
notsuperuser > SET SESSION
Dmitry Igrishin writes:
> There are feature which may be useful in conjunction with connection pools.
> It is the ability to change the session user without creating the new
> connection, like this:
> (pseudo REPL):
> notsuperuser > SELECT current_user, session_user;
>
2015-12-20 21:47 GMT+03:00 Tom Lane :
> Dmitry Igrishin writes:
> > There are feature which may be useful in conjunction with connection
> pools.
> > It is the ability to change the session user without creating the new
> > connection, like this:
> >