public inbox for [email protected]
help / color / mirror / Atom feedFrom: Chao Li <[email protected]>
To: Jacob Champion <[email protected]>
Cc: Tom Lane <[email protected]>
Cc: Fujii Masao <[email protected]>
Cc: Postgres hackers <[email protected]>
Cc: vignesh C <[email protected]>
Subject: Re: Prevent remote libpq notices from being sent to clients
Date: Sat, 6 Jun 2026 09:10:46 +0800
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAOYmi+nqE5ZoSEi9gJjVtEYS9xjVmELpfgedm5ajaEdSa=Hbpw@mail.gmail.com>
References: <[email protected]>
<CAHGQGwH8De4O1mBZRHWATngQOqCb+1p741DW1rBKgWu2wkfaLw@mail.gmail.com>
<[email protected]>
<CAOYmi+nqE5ZoSEi9gJjVtEYS9xjVmELpfgedm5ajaEdSa=Hbpw@mail.gmail.com>
> On Jun 5, 2026, at 23:20, Jacob Champion <[email protected]> wrote:
>
> On Fri, Jun 5, 2026 at 7:43 AM Tom Lane <[email protected]> wrote:
>> Also, I don't buy the argument that this is a "leak": if the remote
>> server was willing to send the message to its client, it doesn't think
>> that the message is security-critical.
>
> I don't think the remote gets to decide that, in general. It's up to
> the middle layer to know whether it's operating at the same level of
> trust as the end client.
>
> --Jacob
Thanks to all for the input. It looks like people have different opinions on this topic. BTW, I realized that my previous wording of "leak" was too strong, sorry about that.
Here, I think the main concern is that this is an “unintentional" user-visible behavior change. I went through the original discussion thread [1], and I don't see this behavior change being explicitly discussed. I am not against Fujii's idea that emitting a remote WARNING to the client could be helpful, and I also like Tom's idea of mapping the remote severity to the local log level. But if we really want to do that, I think we need a dedicated discussion, and that seems too late for v19. Also, if we eventually decide to change the client-visible behavior, I think we should document it explicitly.
How about preserving the old client-visible behavior for v19? I can add this topic to my TODO list and follow up with this work for v20.
[1] https://postgr.es/m/CALDaNm2xsHpWRtLm-VL_HJCsaE3+1Y_n-jDEAr3-suxVqc3xoQ@mail.gmail.com
Best regards,
--
Chao Li (Evan)
HighGo Software Co., Ltd.
https://www.highgo.com/
view thread (6+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: Prevent remote libpq notices from being sent to clients
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox