Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lh6fs-0005JJ-SD for pgsql-hackers@arkaria.postgresql.org; Thu, 13 May 2021 08:26:28 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1lh6fr-0005rZ-Hy for pgsql-hackers@arkaria.postgresql.org; Thu, 13 May 2021 08:26:27 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lh6fr-0005rR-AD for pgsql-hackers@lists.postgresql.org; Thu, 13 May 2021 08:26:27 +0000 Received: from oss.nttdata.com ([49.212.34.109]) by magus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lh6fp-0001UY-3Z for pgsql-hackers@postgresql.org; Thu, 13 May 2021 08:26:26 +0000 Received: from oss.nttdata.com (localhost [127.0.0.1]) by oss.nttdata.com (Postfix) with ESMTPA id 6144860F28; Thu, 13 May 2021 17:26:20 +0900 (JST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.2 at oss.nttdata.com MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 13 May 2021 17:26:20 +0900 From: torikoshia To: Laurenz Albe Cc: Bharath Rupireddy , Pgsql Hackers Subject: Re: RFC: Logging plan of the running query In-Reply-To: <1243864f97028b075b9e5b52931fce2ff0896f79.camel@cybertec.at> References: <1243864f97028b075b9e5b52931fce2ff0896f79.camel@cybertec.at> User-Agent: Roundcube Webmail/1.4.11 Message-ID: X-Sender: torikoshia@oss.nttdata.com List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 2021-05-13 01:08, Laurenz Albe wrote: > On Wed, 2021-05-12 at 18:03 +0530, Bharath Rupireddy wrote: >> Since it also shows up the full query text and the plan >> in the server log as plain text, there are chances that the sensitive >> information might be logged into the server log which is a risky thing >> from security standpoint. Thanks for the notification! > I think that is irrelevant. > > A superuser can already set "log_statement = 'all'" to get this. > There is no protection from superusers, and it is pointless to require > that. AFAIU, since that discussion is whether or not users other than superusers should be given the privilege to execute the backtrace printing function, I think it might be applicable to pg_log_current_plan(). Since restricting privilege to superusers is stricter, I'm going to proceed as it is for now, but depending on the above discussion, it may be better to change it. Regards, -- Atsushi Torikoshi NTT DATA CORPORATION