projects / users / andresfreund / postgres.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5aaa584) | patch
Mark ssl_passphrase_command as GUC_SUPERUSER_ONLY.
authorFujii Masao <fujii@postgresql.org>
Mon, 9 Mar 2020 02:41:31 +0000 (11:41 +0900)
committerFujii Masao <fujii@postgresql.org>
Mon, 9 Mar 2020 02:41:31 +0000 (11:41 +0900)
commitd9249441efc5b4adc5b1a71f3d16538c68e198fc
tree7a314841312467c1692450c0ff9c9e7c885d5904tree
parent5aaa584f819e2d8d2fb23cdf2174ce6e5628e1f5commit | diff
Mark ssl_passphrase_command as GUC_SUPERUSER_ONLY.

This commit changes the GUC ssl_passphrase_command so that
it's examinable by only superuser and a member of pg_read_all_settings.
Per discussion, we determined to do this because the parameter may
contain a sensitive informtaion like a passphrase itself.

Author: Insung Moon
Reviewed-by: Keisuke Kuroda
Discussion: https://postgr.es/m/CAEMmqBuHVGayc+QkYKgx3gWSdqwTAQGw+0DYn3WhcX-eNa2ntA@mail.gmail.com
src/backend/utils/misc/guc.c diff | blob | blame | history
Andres' PG stuff