Somebody told me it could be possible if i use pgcrypto pgp_pub_decrypt() function with my queries the logs will reveal the secret key used to decrypt my data
SELECT pgp_pub_decrypt(string_to_decrypt, private_key)
I can not check that because i dont have access to the logs, but if this is true, from my point of view this should be considered as a security issue. Is this true?
Yes, this is true. Assuming you are logging statements.
It is also probably visible in pg_stat_activity to a superuser who is looking at the right moment.
Of course, a superuser could also install an extension to secretly log just crypto-related function calls, that's the nature of having superuser access.
If you don't control the server your database is running on and don't trust the people who do, then you shouldn't store sensitive information in it.
