| From: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Andreas(dot)Zeugswetter(at)telecom(dot)at (Zeugswetter Andreas SARZ) |
| Cc: | jwieck(at)debis(dot)com, pgsql-hackers(at)hub(dot)org |
| Subject: | Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c) |
| Date: | 1998-02-19 17:19:59 |
| Message-ID: | 199802191719.MAA05743@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
>
> The command
> copy pg_user to stdout;
>
> will also show the cleartext password and I think it is hard to do a rewrite
> here,
> since this would also affect the pg_dump ?
OK, I have committed code that removes the REVOKE from initdb, and does
not allow them to do any adding or altering of users if there is a
password involved AND the ACL for pg_user is null. It prints a nice
message telling them they need to issue the REVOKE command so normal
users can't read the passwords.
If they use user passwords psql \d does fail if you do this. Do we want
to duplicate the query without the pg_user reference if the \d query
fails?
--
Bruce Momjian
maillist(at)candle(dot)pha(dot)pa(dot)us
| From | Date | Subject | |
|---|---|---|---|
| Next Message | The Hermit Hacker | 1998-02-19 17:29:08 | Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c) |
| Previous Message | Dwayne Bailey | 1998-02-19 17:08:18 | Re: [HACKERS] Platform status |