On Thu, Jun 30, 2016 at 2:50 AM, Alvaro Herrera <alvhe...@2ndquadrant.com> wrote: > Fujii Masao wrote: >> On Wed, Jun 29, 2016 at 12:23 PM, Alvaro Herrera >> <alvhe...@2ndquadrant.com> wrote: >> > Michael Paquier wrote: >> >> On Wed, Jun 29, 2016 at 6:42 AM, Alvaro Herrera >> >> <alvhe...@2ndquadrant.com> wrote: >> > >> >> > I have already edited the patch following some of these ideas. Will >> >> > post a new version later. >> >> >> >> Cool, thanks. >> > >> > Here it is. I found it was annoying to maintain the function return >> > tupdesc in two places (pg_proc.h and the function code itself), so I >> > changed that too. >> >> ISTM that pg_stat_wal_receiver can return the security-sensitive fields >> if it's viewed before walreceiver overwrites the conninfo in the shared >> memory >> with the obfuscated one. > > Hmm, ouch. Maybe we can set a flag once the conninfo has been > obfuscated, and put the function to sleep until the flag is set.
Or what about making walreceiver instead of startup process read primary_conninfo from the file? Regards, -- Fujii Masao -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers