Re: [PATCH] Include application_name in "connection authorized" log message

Stephen Frost <sfrost@snowman.net> writes:
> * Don Seiler (don@seiler.us) wrote:
>> Is the concern that any user can set their client's application name value
>> to any string they want? Is there a reason we can't call
>> check_application_name() before setting it in the Port struct in
>> postmaster.c?

> I've not looked very closely, but I don't think it's necessairly a big
> deal to print out the application name provided by the client system
> into the log before we run check_application_name(), as long as there
> isn't any risk that printing it out or passing it around without
> performing that check will cause incorrect operation or such.

I think the issue is exactly that putting a malformed appname into the
postmaster log could confuse log-reading apps (eg by causing encoding
problems).  Moreover, if you don't check it then the appname recorded
by log_connections would not match appearances for the same session
later in the log, which puts the entire use-case for this patch into
question.  So no, this concern must not be dismissed.

However ... I've not looked at the patch, but I thought the idea was to
allow assignment of that GUC to occur before the log_connections log entry
is emitted, so that it'd show up in the entry's log_line_prefix.  Wouldn't
check_application_name happen automatically at that point?

            regards, tom lane