| From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
|---|---|
| To: | Heikki Linnakangas <heikki(at)enterprisedb(dot)com> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: \password in psql help |
| Date: | 2008-03-26 13:43:48 |
| Message-ID: | 20080326134348.GC8100@alvh.no-ip.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Heikki Linnakangas wrote:
> Magnus Hagander wrote:
>> + fprintf(output, _(" \\password [USERNAME]\n"
>> + " securely change the password for a user\n"));
>
> I would leave out the word "securely". Unless you want to provide
> another command for changing it insecurely ;-). What does it mean,
> anyway?
The point is that the password is encrypted on the client and
transmitted in md5 form. If you were to use ALTER USER to change the
password, it could end up unencrypted in the server log.
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2008-03-26 13:48:40 | Re: Auto Partitioning Patch - WIP version 1 |
| Previous Message | Alvaro Herrera | 2008-03-26 13:42:02 | Re: Auto Partitioning Patch - WIP version 1 |