| From: | Peter Eisentraut <e99re41(at)DoCS(dot)UU(dot)SE> |
|---|---|
| To: | The Hermit Hacker <scrappy(at)hub(dot)org> |
| Cc: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] TODO list updated |
| Date: | 2000-01-13 11:21:27 |
| Message-ID: | Pine.GSO.4.02A.10001131216270.6438-100000@Pingvin.DoCS.UU.SE |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, 12 Jan 2000, The Hermit Hacker wrote:
> On Wed, 12 Jan 2000, Bruce Momjian wrote:
>
> > > If we do a 'CREATE USER <user> WITH PASSWORD <pass>', its no more secure
> > > then using a command line switch for password ...
> >
> > Why is that? ps shows command args, righ?
>
> Point. You won me over :)
But it doesn't show the complete command line, only SELECT or UPDATE, etc.
I'm not sure if it also shows create, I haven't been able to simulate
that.
What's the whole point of access control if you can happily scan your ps
output for all selects, inserts, updates, etc. going through and keep
record of it?
--
Peter Eisentraut Sernanders vaeg 10:115
peter_e(at)gmx(dot)net 75262 Uppsala
http://yi.org/peter-e/ Sweden
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2000-01-13 11:23:49 | Re: [HACKERS] libpq+MB/putenv(), getenv() clean up |
| Previous Message | Peter Eisentraut | 2000-01-13 11:16:09 | Re: [HACKERS] TODO list updated |