On Wed, Jun 17, 2020 at 3:55 PM Tom Lane <t...@sss.pgh.pa.us> wrote: > Michel Pelletier <pelletier.mic...@gmail.com> writes: > > In my extension pgsodium I'm defining a custom variable at startup to > store > > a key: > > > https://github.com/michelp/pgsodium/blob/master/src/pgsodium.c#L1107 > > > I'm using the flags GUC_NO_SHOW_ALL | GUC_NO_RESET_ALL | > GUC_NOT_IN_SAMPLE > > | GUC_DISALLOW_IN_FILE, and a custom "no show" show hook that obscures > the > > value. This idea was inspired from the pgcryptokey module from Bruce > > Momjian. > > I guess I'm wondering why you're making it a GUC at all, if you don't > want any of the GUC facilities to apply. >
An excellent point as it's loaded pre-fork I guess I don't need any of that stuff. > It seems like if you want to be this paranoid, you'd be better off > not exposing the variable to the GUC machinery in the first place. > You could use a custom set-function (like setseed) to replace the one > bit of functionality you do want. > Thanks! I've implemented your suggestion similar to how setseed stores its data. > > regards, tom lane >
