Alvaro Herrera wrote: > I propose to push this patch, closing the open item, and you can rework > on top -- I suppose you would completely remove the original conninfo > from shared memory and instead only copy the obfuscated version there > (and probably also remove the ready_to_display flag). I think we'd need > to see the patch before deciding whether we want it in 9.6 or not, > keeping in mind that having the conninfo in shared memory is a > pre-existing problem, unrelated to the pgstats view new in 9.6.
Pushed this. Feel free to tinker further with it, if you feel the need to. Regarding backpatching the clearing of shared memory, I'm inclined not to. If there is a real security concern there (I'm unsure what attack are we protecting against), it may be better fixed by the approach suggested by Fujii whereby the sensitive info is not ever published in shared memory. -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
