Open jameshartig opened 2 years ago
Revelation of the original password was due to elog() unconditionally logging the SQL statement for the second attempt:

```c
    /* Duplicate-role check; the ERROR path is what triggers logging of the full statement. */
    if (OidIsValid(get_role_oid(stmt->role, true)))
        ereport(ERROR,
                (errcode(ERRCODE_DUPLICATE_OBJECT),
                 errmsg("role \"%s\" already exists",
                        stmt->role)));
```
If we want to avoid this scenario, we should decide which SQL statements need to be redacted. From a quick check, there are 81 places where ERRCODE_DUPLICATE_OBJECT is raised.
One option is to redact the SQL statement with this pattern: PASSWORD 'xx'
Looks like there have been proposals in PG community for redacting the password, all of which got rejected.
The suggestion is to keep the server log secure.
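As an added illustration of the redaction option discussed above (example code written for this page, not code from YugabyteDB or PostgreSQL), the following Python scrubs the PASSWORD 'xx' clause from a statement before the statement text is written to an error log, and includes a small check that confirms the secret no longer appears in the output. The log line layout, the function names and the sample statements are constructed assumptions.

```python
import re

# Matches the PASSWORD 'literal' clause of CREATE/ALTER ROLE and CREATE USER.
# Covers the optional ENCRYPTED/UNENCRYPTED keyword, any letter case, and
# SQL-escaped quotes ('') inside the literal. PASSWORD NULL carries no secret
# and is intentionally left untouched.
_PASSWORD_CLAUSE = re.compile(
    r"(?P<kw>(?:(?:UN)?ENCRYPTED\s+)?PASSWORD)\s+'(?:[^']|'')*'",
    re.IGNORECASE,
)

REDACTED = "'<redacted>'"


def redact_password(statement: str) -> str:
    """Return the statement with every PASSWORD 'x' literal replaced by a placeholder."""
    return _PASSWORD_CLAUSE.sub(lambda m: f"{m.group('kw')} {REDACTED}", statement)


def format_error_log(statement: str, error: str, redact: bool = True) -> str:
    """Build the two lines a server writes when a statement fails.

    The layout ("ERROR:" followed by "STATEMENT:") is a constructed stand-in
    for a real server log format. With redact=False this mirrors the
    unconditional logging the issue describes; with redact=True the password
    literal never reaches the log.
    """
    shown = redact_password(statement) if redact else statement
    return f"ERROR:  {error}\nSTATEMENT:  {shown}"


def leaked_secrets(log_lines: list[str], secrets: list[str]) -> list[str]:
    """Detection helper: return the secrets that appear verbatim in the log lines."""
    joined = "\n".join(log_lines)
    return [s for s in secrets if s in joined]


# Constructed sample statements (not taken from the page).
SAMPLE_STATEMENTS = [
    "CREATE ROLE app WITH LOGIN PASSWORD 'foobar';",
    "create user bob encrypted password 'it''s a secret';",
    "ALTER ROLE bob PASSWORD NULL;",
]


if __name__ == "__main__":
    error = 'role "app" already exists'
    print(format_error_log(SAMPLE_STATEMENTS[0], error, redact=False))
    print(format_error_log(SAMPLE_STATEMENTS[0], error))
    for stmt in SAMPLE_STATEMENTS:
        print(redact_password(stmt))
    print(leaked_secrets([format_error_log(SAMPLE_STATEMENTS[0], error)], ["foobar"]))
```

The regex only covers the plain single-quoted literal form; a password supplied as an E'...' escape string or a dollar-quoted string would pass through unredacted, and the statement text can reach the log through more than one code path, so a pattern filter like this narrows the exposure rather than replacing the advice to keep the server log itself protected.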
Jira Link: DB-3032
Description
Running yb in Docker like:
If you run the following command (yes, twice):
then in the logs you'll see:
You shouldn't see `foobar` in the logs.