Michael Paquier <michael.paqu...@gmail.com> writes: > On Thu, Jun 30, 2016 at 6:47 AM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> It strikes me that keeping a password embedded in the conninfo from being >> exposed might be quite a bit harder/riskier if it became a GUC. Something >> to keep in mind if we ever try to make that change ...
> Exposing it in memory for a long time is an issue even if we have a > new GUC-flag to obfuscate the value in some cases.. Well, mumble ... I'm having a hard time understanding the threat model we're guarding against there. An attacker who can read process memory can probably read the config file too. I don't mind getting rid of the in-memory copy if it's painless to do so, but I doubt that it's worth any large amount of effort. regards, tom lane -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers