| From: | Ron Mayer <rm_pg(at)cheapcomplexdevices(dot)com> |
|---|---|
| To: | Dave Page <dpage(at)pgadmin(dot)org> |
| Cc: | Mark Mielke <mark(at)mark(dot)mielke(dot)cc>, Robert Haas <robertmhaas(at)gmail(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Marko Kreen <markokr(at)gmail(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Greg Stark <gsstark(at)mit(dot)edu>, Bruce Momjian <bruce(at)momjian(dot)us>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>, mlortiz <mlortiz(at)uci(dot)cu>, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
| Subject: | Re: Rejecting weak passwords |
| Date: | 2009-10-15 21:40:16 |
| Message-ID: | 4AD796C0.5030304@cheapcomplexdevices.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Dave Page wrote:
> I never said it wasn't - in fact I said from the outset it was about
> box-checking, and that anyone doing things properly will use
> LDAP/SSPI/Kerberos etc.
I don't understand why the box-checkers can't already check that
box; with the explanation stating "Yes - by using LDAP or GSSAPI
or PAM configured accordingly".
Or do checkbox-lists specifically say
"can postgres do XYZ with all OS security features disabled".
> Anyway, as noted in the message you quoted, the current proposal will
> allow my colleagues to check boxes, and will be implemented in a
> sensible way on the server side. And it's entirely confined to a
> plugin, so if you trust all your users, there's no need for you to
> load it at all.
Note that I'm not horribly against the feature (though I wouldn't
use it) --- just that ISTM we're checkbox-compliant already by
working with the OS, and it's perhaps more a documentation issue
than coding issue to get those boxes checked.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-10-15 21:40:34 | Re: inefficient use of relation extension? |
| Previous Message | Alvaro Herrera | 2009-10-15 21:15:52 | inefficient use of relation extension? |