Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ryDgg-00F7pJ-22 for pgsql-general@arkaria.postgresql.org; Sat, 20 Apr 2024 16:35:38 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1ryDge-00B7zr-LC for pgsql-general@arkaria.postgresql.org; Sat, 20 Apr 2024 16:35:36 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ryDge-00B7zj-AJ for pgsql-general@lists.postgresql.org; Sat, 20 Apr 2024 16:35:36 +0000 Received: from wfout1-smtp.messagingengine.com ([64.147.123.144]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ryDgb-0020Ke-Qv for pgsql-general@lists.postgresql.org; Sat, 20 Apr 2024 16:35:35 +0000 Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailfout.west.internal (Postfix) with ESMTP id 1C2F41C00086; Sat, 20 Apr 2024 12:35:31 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Sat, 20 Apr 2024 12:35:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aklaver.com; h= cc:content-transfer-encoding:content-type:content-type:date:date :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm2; t=1713630930; x=1713717330; bh=6mhNd2j/xlGutcdWLxqeUFILKL4CNW1hTfLPpehrmso=; b= Ngh5czc5LeLuzb+tHMEi+vU0l3OoqmIh2/GA7i5O6nsJHdLVIozEV6W6SzzO4u8Q H6iuGSnK+gAXGo02uCwbXN0r8Buex0PRtMFcD2xL+PxOASX2FcuoUQtHUmQIpWnE vN4Wp6FAO+iLuXcDmVEn4V6UgJnvC8mFjzVLw12JlZpu+hiQV9QlTpxby9Gpqvj1 SkbOd3+8IQcdidleE0TOUR4P2vAs5h0McAnfOyuiPFkkSjKX7eTQSwGBIEI+oAFy HtitiYwPhND/4hFP/FiJVAP4Yz+dEBhSw8EzCVFupy5/ons0qenRryrVchHVVoee g2r2MjeliS5kt+r4dOf2yA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1713630930; x= 1713717330; bh=6mhNd2j/xlGutcdWLxqeUFILKL4CNW1hTfLPpehrmso=; b=e 3DMAWBHhIvtjnEL9KZNDThNlTIee/tFgtUNZEyOXAoLKIWL/0RsU+o350vHccNA3 cHtgp20S3fN8pYolhvngkHUvfu8WukRxaLGyiZ7VhX+Lk2ewh4OAhR5qp2R3H1NI Gd/1n5cl3crw1XTvUArzG0Nuc1Wvzqq5u7mPiV0o8r3G26dqzIUEKhqJuzA9PsCN yngtvGt07DW//eiLx+xAlLMFU752tGrLVaGitdKrjMLqvHuXFkYi6g01A+AaPJzY yq314roeTEBp5FOz/zyXkCsUkzvChyph9k8DNpAfzSR6Fp0muP+dJdgRnAUCQk8O UkK8eftdI1h+YlSZ2CpBw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrudekgedguddtfecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhepkfffgggfuffvfhfhjggtgfesth ejredttddvjeenucfhrhhomheptegurhhirghnucfmlhgrvhgvrhcuoegrughrihgrnhdr khhlrghvvghrsegrkhhlrghvvghrrdgtohhmqeenucggtffrrghtthgvrhhnpeeivdfhie ehheegueeileejieettdejhedugeefleekvdelkeehtdfgiefffeekudenucevlhhushht vghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegrughrihgrnhdrkhhlrg hvvghrsegrkhhlrghvvghrrdgtohhm X-ME-Proxy: Feedback-ID: i76984098:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 20 Apr 2024 12:35:29 -0400 (EDT) Message-ID: Date: Sat, 20 Apr 2024 09:35:29 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: Logging statement having any threat? To: Lok P , pgsql-general References: Content-Language: en-US From: Adrian Klaver In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 4/20/24 07:02, Lok P wrote: > > Now when we reach out to the infrastructure team , they are saying these > variables(pg_cluster_log_statement,pg_instance_log_statement) were > removed due to potential security threat. So I want to understand from > experts here , how this is really a security threat and if any option to > get this logging enabled (which will help us debug performance issues) > at same time addressing the threat too? I should have added to previous post, if you have access to the database the security wall has already been breached. > > Regards > Lok -- Adrian Klaver adrian.klaver@aklaver.com