On Thu, Jun 30, 2016 at 2:50 AM, Alvaro Herrera
<alvhe...@2ndquadrant.com> wrote:
> Fujii Masao wrote:
>> On Wed, Jun 29, 2016 at 12:23 PM, Alvaro Herrera
>> <alvhe...@2ndquadrant.com> wrote:
>> > Michael Paquier wrote:
>> >> On Wed, Jun 29, 2016 at 6:42 AM, Alvaro Herrera
>> >> <alvhe...@2ndquadrant.com> wrote:
>> >
>> >> > I have already edited the patch following some of these ideas.  Will
>> >> > post a new version later.
>> >>
>> >> Cool, thanks.
>> >
>> > Here it is.  I found it was annoying to maintain the function return
>> > tupdesc in two places (pg_proc.h and the function code itself), so I
>> > changed that too.
>>
>> ISTM that pg_stat_wal_receiver can return the security-sensitive fields
>> if it's viewed before walreceiver overwrites the conninfo in the shared 
>> memory
>> with the obfuscated one.
>
> Hmm, ouch.  Maybe we can set a flag once the conninfo has been
> obfuscated, and put the function to sleep until the flag is set.

Or what about making walreceiver instead of startup process read
primary_conninfo from the file?

Regards,

-- 
Fujii Masao


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to