On 21.02.25 17:38, Andrew Dunstan wrote:
I don't think this is such a terrible kluge. I think it's different from the server log case, which after all requires access to the server file system to exploit.
To me, the mechanism by which this patch works is completely nonobvious and coincidental, and it might get broken by unrelated changes.
I think a possible, more robust approach would be to put a field, say, security_sensitive into DefElem (or maybe a higher node, maybe even Query), and drive decisions from that.
