Skip site navigation (1) Skip section navigation (2)

Re: \password in psql help

From: Alvaro Herrera <alvherre(at)commandprompt(dot)com>
To: Heikki Linnakangas <heikki(at)enterprisedb(dot)com>
Cc: Magnus Hagander <magnus(at)hagander(dot)net>, pgsql-patches(at)postgresql(dot)org
Subject: Re: \password in psql help
Date: 2008-03-26 13:43:48
Message-ID: (view raw or whole thread)
Lists: pgsql-patches
Heikki Linnakangas wrote:
> Magnus Hagander wrote:
>> + 	fprintf(output, _("  \\password [USERNAME]\n"
>> + 				 "                 securely change the password for a user\n"));
> I would leave out the word "securely". Unless you want to provide  
> another command for changing it insecurely ;-). What does it mean, 
> anyway?

The point is that the password is encrypted on the client and
transmitted in md5 form.  If you were to use ALTER USER to change the
password, it could end up unencrypted in the server log.

Alvaro Herrera                      
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

In response to


pgsql-patches by date

Next:From: Bruce MomjianDate: 2008-03-26 13:48:40
Subject: Re: Auto Partitioning Patch - WIP version 1
Previous:From: Alvaro HerreraDate: 2008-03-26 13:42:02
Subject: Re: Auto Partitioning Patch - WIP version 1

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group