> > However, your posting brings up an interesting issue. Our current code
> > makes no distinction between "" as a password, and a NULL password.
> > They are both equivalent to "I have supplied no password". If you
> > create a public user with an empty password, "", there is no way to log
> > in as that user, because "" is considered to be "no password".
> > I don't want to play with this in 7.3.X, but is it something we should
> > consider cleaning up for 7.4?
> There is a precedence for the current behavior. Another DBMS I've used
> takes an empty password for an account to mean "this account is disabled".
> Therefore it is impossible in that DBMS to have a valid account with no
> password. Which to me is equivalent to PostgreSQL saying "if passwords are
> enabled, it is impossible to login to an account with an empty or NULL
> password". I like that behavior.
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
In response to
pgsql-interfaces by date
|Next:||From: Jeroen T. Vermeulen||Date: 2003-01-09 02:34:43|
|Subject: Re: libpqxx Large Objects|
|Previous:||From: ljb||Date: 2003-01-09 01:51:12|
|Subject: Re: still memory leaks with libpgtcl|