Re: primary_conninfo missing from pg_stat_wal_receiver
Michael Paquier <michael.paquier@gmail.com>
From: Michael Paquier <michael.paquier@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Peter Eisentraut <peter.eisentraut@2ndquadrant.com>,
Tatsuo Ishii <ishii@postgresql.org>, vik@2ndquadrant.fr, PostgreSQL mailing lists <pgsql-hackers@postgresql.org>, Masao Fujii <masao.fujii@gmail.com>
Date: 2016-06-21T03:32:01Z
Lists: pgsql-hackers
On Tue, Jun 21, 2016 at 12:06 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > Peter Eisentraut <peter.eisentraut@2ndquadrant.com> writes: >> On 6/20/16 10:29 PM, Tom Lane wrote: >>> What I would want to know is whether this specific change is actually a >>> good idea. In particular, I'm concerned about the possible security >>> implications of exposing primary_conninfo --- might it not contain a >>> password, for example? > >> That would have been my objection. This was also mentioned in the >> context of moving recovery.conf settings to postgresql.conf, because >> then the password would become visible in SHOW commands and the like. > >> Alternatively or additionally, implement a way to strip passwords out of >> conninfo information. libpq already has information about which >> connection items are sensitive. > > Yeah, I'd been wondering whether we could parse the conninfo string into > individual fields and then drop the password field. It's hard to see a > reason why this view needs to show passwords, since presumably everything > in it corresponds to successful connections --- if your password is wrong, > you aren't in it. walreceiver.c does not have a direct dependency to libpq yet, everything does through libpqwalreceiver. So a correct move would be to unplug the low-level routines of PQconninfoParse into something in src/common/, where both the backend and frontend could use it. And then we use it to rebuild a connection string. Thoughts? -- Michael
Commits
-
Add conninfo to pg_stat_wal_receiver
- 9ed551e0a4fd 9.6.0 landed
-
Only show pg_stat_replication details to superusers
- f88a638199d8 9.1.0 cited