Deal Hackers. The value of ssl_passphrase_command is set so that an external command is called when the passphrase for decrypting an SSL file such as a private key is obtained. Therefore, easily set to work with echo "passphrase" or call to another get of passphrase application.
I think that this GUC value doesn't contain very sensitive data, but just in case, it's dangerous to be visible to all users. I think do not possible these cases, but if a used echo external commands or another external command, know what application used to get the password, maybe we can't be convinced that there's the safety of using abuse by backtracking on applications. So I think to the need only superusers or users with the default role of pg_read_all_settings should see these values. Patch is very simple. How do you think about my thoughts like this? Best regards. Moon.
Change-show-authority-of-ssl_passphrase_command.diff
Description: Binary data
