Hi, On 2019-01-31 16:13:22 +0300, Sergei Kornilov wrote: > Hello > > Yeah, we have no consensus. >
Are you planning to update the patch? Given there's not been much progress here, I think we ough tot mark the CF entry as returned with feedback for now. > Another open question is about logging new primary_conninfo: > > LOG: parameter "primary_conninfo" changed to "host=/tmp port=5432 > > password=hoge" > > I my opinion this is not issue, database logs can have sensitive data. User > queries, for example. > If we not want expose such info - it is ok just hide new value from logs with > new GUC flag? Or i need implement masked conninfo for this purpose? I agree that this doesn't need to be solved as part of this patch. Given the config is in the conf file, I don't think it's meaningful to hide this from the log. If necessary one can use client certs, service files, etc. Greetings, Andres Freund
