From: | Dmitriy Igrishin <dmitigr(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Guillaume Lelarge <guillaume(at)lelarge(dot)info>, pgsql-general(at)postgresql(dot)org |
Subject: | Re: Roles with empty password (probably bug in libpq and in psql as well). |
Date: | 2012-07-24 14:48:02 |
Message-ID: | CAAfz9KNvnzT7BD0DgzU3_2EhY1c-9r+4mB1=VsaLBz3Trtk4Rw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
2012/7/24 Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
> Dmitriy Igrishin <dmitigr(at)gmail(dot)com> writes:
> > But it's impossible to pass empty (NULL) password to the backend
>
> Please note that empty and null are not the same thing...
>
Yes, I know. But why the ALTER ROLE treats '' as NULL and
as the result all of values of pg_catalog.pg_authid.rolpassword are always
NULL even when the password in ALTER ROLE was specified as ''? :-)
That is the reason why I've considered empty and NULL as the same
thing :-)
>
> > by using libpq, because connectOptions2() defined the
> > fe-connect.c reads a password from the ~/.pgpass even when a password
> > specified as an empty string literal ("").
>
> I rather doubt that we'll change this, because it seems more likely
> to break applications that rely on that behavior than to do anything
> useful. Surely nobody in their right mind uses an empty password.
>
> (If anything, I'd be more inclined to make the backend treat an empty
> password as an error than to try to make libpq safe for the case.
> Even if we did change libpq, there are probably issues with empty
> passwords in jdbc and who knows how many other places.)
>
Then it should be at least documented in the libpq's documentation that
explicitly specified empty password will force libpq to get it from the
file?
>
> regards, tom lane
>
--
// Dmitriy.
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2012-07-24 16:14:14 | Re: Roles with empty password (probably bug in libpq and in psql as well). |
Previous Message | Tom Lane | 2012-07-24 14:45:16 | Re: Odd corruption issue reported on dba.stackexchange.com, need advice |