Mark ssl_passphrase_command as GUC_SUPERUSER_ONLY.

Fujii Masao <fujii@postgresql.org>

Commit: d9249441efc5b4adc5b1a71f3d16538c68e198fc
Author: Fujii Masao <fujii@postgresql.org>
Date: 2020-03-09T02:41:31Z
Releases: 13.0
Mark ssl_passphrase_command as GUC_SUPERUSER_ONLY.

This commit changes the GUC ssl_passphrase_command so that
it's examinable by only superuser and a member of pg_read_all_settings.
Per discussion, we determined to do this because the parameter may
contain a sensitive informtaion like a passphrase itself.

Author: Insung Moon
Reviewed-by: Keisuke Kuroda
Discussion: https://postgr.es/m/CAEMmqBuHVGayc+QkYKgx3gWSdqwTAQGw+0DYn3WhcX-eNa2ntA@mail.gmail.com

Files

PathChange+/−
src/backend/utils/misc/guc.c modified +2 −1

Discussion