> What about a more general solution, such as a flag to turn off logging of > ALTER ROLE statements completely?
IMO, flags for a specific type of utility statement seems way too much for pg_stat_statements, and this will also not completely prevent leaking plain text passwords from all ways that CREATE/ALTER ROLE could be run, i.e. DO blocks, inside functions/procs with track=all. The clients that set passwords could simply turn off track_utility on a user/transaction level while they are performing the action with sensitive data. -- Sami Amazon Web Services (AWS)
