| From: | Kenneth Marshall <ktm(at)rice(dot)edu> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, Andrew Dunstan *EXTERN* <andrew(at)dunslane(dot)net>, Dave Page <dpage(at)pgadmin(dot)org>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Rejecting weak passwords |
| Date: | 2009-10-01 14:04:31 |
| Message-ID: | 20091001140431.GJ6749@it.is.rice.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Oct 01, 2009 at 03:54:37PM +0200, Magnus Hagander wrote:
> On Thu, Oct 1, 2009 at 15:26, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> wrote:
> > Andrew Dunstan wrote:
> >>>> So here's the patch.
> >>>> I don't think there is documentation required;
> >>>> correct me if I am wrong.
> >>>
> >>> How will people know how to use it, or that it's even there without at
> >>> least a note in the docs somewhere?
> >>
> >> I'd prefer to have an example as a contrib module, as well as docs.
> >> Quite apart from anything else, how the heck would we test it without
> >> such a thing?
> >
> > I was not sure because no other hooks were documented anywhere else
> > than in the code.
> >
> > I could add a paragraph in the "auth-password" section of
> > client-auth.sgml. Or is there a better place?
> >
> > I could easily write a simple contrib that adds a check for
> > username = password if there is interest.
>
> I think it's better to have an actually *useful* contrib module for
> it, if there is one. Meaning perhaps something that links to that
> cracklib thing mentioned upthread.
>
+1 for a sample module that will allow cracklib to drop in.
Cheers,
Ken
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Simon Riggs | 2009-10-01 14:07:40 | Re: Hot Standby on git |
| Previous Message | Magnus Hagander | 2009-10-01 13:54:37 | Re: Rejecting weak passwords |