public inbox for [email protected]
help / color / mirror / Atom feedFrom: Jacob Champion <[email protected]>
To: Tom Lane <[email protected]>
Cc: Fujii Masao <[email protected]>
Cc: Chao Li <[email protected]>
Cc: Postgres hackers <[email protected]>
Cc: vignesh C <[email protected]>
Subject: Re: Prevent remote libpq notices from being sent to clients
Date: Fri, 5 Jun 2026 08:20:44 -0700
Message-ID: <CAOYmi+nqE5ZoSEi9gJjVtEYS9xjVmELpfgedm5ajaEdSa=Hbpw@mail.gmail.com> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
<CAHGQGwH8De4O1mBZRHWATngQOqCb+1p741DW1rBKgWu2wkfaLw@mail.gmail.com>
<[email protected]>
On Fri, Jun 5, 2026 at 7:43 AM Tom Lane <[email protected]> wrote:
> Also, I don't buy the argument that this is a "leak": if the remote
> server was willing to send the message to its client, it doesn't think
> that the message is security-critical.
I don't think the remote gets to decide that, in general. It's up to
the middle layer to know whether it's operating at the same level of
trust as the end client.
--Jacob
view thread (6+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: Prevent remote libpq notices from being sent to clients
In-Reply-To: <CAOYmi+nqE5ZoSEi9gJjVtEYS9xjVmELpfgedm5ajaEdSa=Hbpw@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox