| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | "Marc G(dot) Fournier" <scrappy(at)hub(dot)org>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Password sub-process ... |
| Date: | 2002-07-30 16:24:43 |
| Message-ID: | 3893.1028046283@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> OK, I have one idea. Right now the file format for usernames can be:
But this is just reimplementing the original functionality, which was
quite broken IMHO. The setup Marc is describing doesn't really have
users per-database, it's only faking it. And what if he wants to use
some non-password-based auth method, like IDENT?
I am wondering if we could have a configure-time or install-time
option to make pg_shadow (and pg_group I guess) be database-local
instead of installation-wide. I am not sure about the implications
of this --- in particular, is the notion of a database owner still
meaningful? How could the postmaster cope with it (I'd guess we'd
need multiple flat files, one per DB, for the postmaster to read)?
If we're going to do work to support this concept, then let's really
support it.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marc G. Fournier | 2002-07-30 16:26:46 | Re: Virus Emails |
| Previous Message | Hannu Krosing | 2002-07-30 16:06:57 | Re: creating aggregates that work on composite types |