Hi,
On Mon, Jun 27, 2022 at 06:41:21PM +0530, Bharath Rupireddy wrote:
>
> Here's an idea - what if postgres can emit log messages that have sensitive
> information with special error codes or flags? The emit_log_hook
> implementers will then just need to look for those special error codes or
> flags to treat them differently.
This has been discussed multiple times in the past, and always rejected. The
main reason for that is that it's impossible to accurately determine whether a
message contains sensitive information or not, and if it were there wouldn't be
a single definition that would fit everyone.
As a simple example, how would you handle the log emitted by this query?
ALTERR OLE myuser WITH PASSWORD 'my super secret password';