Excerpts from Keith Pinnix's message of lun ago 23 19:47:53 -0400 2010:
> All:
>
> I have a postgresql instance and I have noticed that it is logging the user
> passwords in clear text in the postgresql.log. Is this configurable so that it
> retains the user info and commands but does not log the password?
In what context? If you're doing ALTER ROLE / PASSWORD with the
password in clear text, then that's obviously going to show up in the
log. The solution is to encrypt them client-side; for example use
\password in psql to change passwords, which does that automatically.
--
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support