| From: | Fujii Masao <fujii(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Mark ssl_passphrase_command as GUC_SUPERUSER_ONLY. |
| Date: | 2020-03-09 02:42:13 |
| Message-ID: | [email protected] |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Mark ssl_passphrase_command as GUC_SUPERUSER_ONLY.
This commit changes the GUC ssl_passphrase_command so that
it's examinable by only superuser and a member of pg_read_all_settings.
Per discussion, we determined to do this because the parameter may
contain a sensitive informtaion like a passphrase itself.
Author: Insung Moon
Reviewed-by: Keisuke Kuroda
Discussion: https://postgr.es/m/CAEMmqBuHVGayc+QkYKgx3gWSdqwTAQGw+0DYn3WhcX-eNa2ntA@mail.gmail.com
Branch
------
master
Modified Files
--------------
src/backend/utils/misc/guc.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fujii Masao | 2020-03-09 06:43:20 | pgsql: Avoid assertion failure with targeted recovery in standby mode. |
| Previous Message | Michael Paquier | 2020-03-09 01:55:59 | pgsql: Doc: fix some description of environment variables with frontend |