Fujii Masao wrote: > On Wed, Jun 29, 2016 at 12:23 PM, Alvaro Herrera > <[email protected]> wrote: > > Michael Paquier wrote: > >> On Wed, Jun 29, 2016 at 6:42 AM, Alvaro Herrera > >> <[email protected]> wrote: > > > >> > I have already edited the patch following some of these ideas. Will > >> > post a new version later. > >> > >> Cool, thanks. > > > > Here it is. I found it was annoying to maintain the function return > > tupdesc in two places (pg_proc.h and the function code itself), so I > > changed that too. > > ISTM that pg_stat_wal_receiver can return the security-sensitive fields > if it's viewed before walreceiver overwrites the conninfo in the shared memory > with the obfuscated one.
Hmm, ouch. Maybe we can set a flag once the conninfo has been obfuscated, and put the function to sleep until the flag is set. -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
