Quick Links

Re: Serious problem within authentication subsystem in 7.0

From:	Peter Eisentraut <peter_e(at)gmx(dot)net>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	Matt Sullivan <matt(at)sullivan(dot)gen(dot)nz>, pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Serious problem within authentication subsystem in 7.0
Date:	2000-05-23 21:39:20
Message-ID:	Pine.LNX.4.21.0005232338360.359-100000@localhost.localdomain
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Tom Lane writes:

> > The assumption that the old password can be reused between
> > password connections seems pretty unwise.
>
> I think it's OK, and a useful convenience, if you are reconnecting with
> the same username as before. What I had in mind was to discard the
> prior password if the \connect command specifies a username.

But if you have different passwords between databases then you are still
having the same problem, only at a different scale.

--
Peter Eisentraut Sernanders väg 10:115
peter_e(at)gmx(dot)net 75262 Uppsala
http://yi.org/peter-e/ Sweden

In response to

Re: Serious problem within authentication subsystem in 7.0 at 2000-05-23 14:13:50 from Tom Lane

Responses

Re: Serious problem within authentication subsystem in 7.0 at 2000-05-23 22:19:38 from Tom Lane

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Peter Eisentraut	2000-05-23 21:45:26	Re: New Lists ...
Previous Message	Peter Eisentraut	2000-05-23 21:38:11	Re: Proposal for enhancements of privilege system