Steven Siebert <[email protected]> writes:
> Attached is a proposed patch for BUG #10680.
> It's a simple fix to the problem of the ldapbindpasswd leaking in
> clear text to the postgresql log. The patch simply removes the raw
> pg_hba.conf line from the log message, but retains the log line number
> to assist admins in troubleshooting.
You haven't exactly explained why this is a problem. The proposed patch
would impede diagnosing of many other problems, so it's not going to get
committed without a thoroughly compelling rationale.
Hint: "I don't store my postmaster log securely" is not compelling.
We've been over that ground before; there are far too many reasons
why access to the postmaster log is a potential security hazard
to justify concluding that this particular one is worse.
regards, tom lane
--
Sent via pgsql-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
