Home > mailing lists

Redact user password on pg_stat_statements - Mailing list pgsql-hackers

From	Matheus Alcantara
Subject	Redact user password on pg_stat_statements
Date	February 21 18:33:15
Msg-id	CAFY6G8eo3c0LyzmRA+wmpCnex-LOxsXpv_DK7WQ2pujmEH1nPg@mail.gmail.com Whole thread Raw
Responses	Re: Redact user password on pg_stat_statements Re: Redact user password on pg_stat_statements
List	pgsql-hackers

Tree view

Hi hackers!

Attached a patch to redact the password value from pg_stat_statements_view when
executing:
{ CREATE|ALTER} {USER|ROLE|GROUP } identifier { [WITH] [ENCRYPTED]
PASSWORD 'value' }

To redact the password from the pg_stat_statements view a new field location
was added on String type which represents the password value. The location is
stored on JumbleState when JumbleQuery is called. The JumbleState is then used
on generate_normalized_query from pg_stat_statements.c to replace any location
stored with $%d.

The grammar was also changed to set the location field of the String type only
on these specific commands.

Thoughts?

-- 
Matheus Alcantara

Attachment

v1-0001-Redact-user-password-on-pg_stat_statements.patch

pgsql-hackers by date:

From: Peter Eisentraut
Date: 21 February, 18:21:33
Subject: Re: SQL:2011 application time

From: Greg Sabino Mullane
Date: 21 February, 18:48:28
Subject: Re: Redact user password on pg_stat_statements

Redact user password on pg_stat_statements - Mailing list pgsql-hackers

Attachment

Previous

Next