Skip site navigation (1) Skip section navigation (2)

Re: PostgreSQL Password Cracker

From: Dan Langille <dan(at)langille(dot)org>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, mlw <pgsql(at)mohawksoft(dot)com>,Devrim GUNDUZ <devrim(at)tr(dot)net>, <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: PostgreSQL Password Cracker
Date: 2003-01-02 12:52:13
Message-ID: 20030102075103.F77300-100000@m20.unixathome.org (view raw or flat)
Thread:
Lists: pgsql-hackers
I'll do that.  Justin: What's the URL for the .pgpass stuff?  So far I see
mention of using SSL.  That's two items to cover.  Anything else?

On Wed, 1 Jan 2003, Bruce Momjian wrote:

>
> Yes, I have been feeling we should do that.  Justin pointed out just
> yesterday that .pgpass is only mentioned in libpq documentation, and in
> fact there is lots of stuff mentioned in libpq that releates to the
> other interfaces, so it should be pulled out and put in one place.
>
> Does anyone want to tackle this?
>
> ---------------------------------------------------------------------------
>
> Tom Lane wrote:
> > Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > > What do others think?  I am not sure myself.
> >
> > There should definitely be someplace that recommends using SSL across
> > insecure networks (if there's not already).  But it doesn't seem to me
> > to qualify as a FAQ entry.  Somewhere in the admin guide seems more
> > appropriate.  Perhaps under Client Authentication?
> >
> > Maybe someone could even put together enough material to create a whole
> > chapter on security considerations --- this is hardly the only item
> > worthy of mention.
> >
> > 			regards, tom lane
> >
>
> --
>   Bruce Momjian                        |  http://candle.pha.pa.us
>   pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 359-1001
>   +  If your life is a hard drive,     |  13 Roberts Road
>   +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html
>


In response to

Responses

pgsql-hackers by date

Next:From: Charles H. WoloszynskiDate: 2003-01-02 12:53:17
Subject: Re: Cast your vote ...
Previous:From: Michael PaesoldDate: 2003-01-02 12:29:07
Subject: Autocommit off and transaction isolation level

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group