Quick Links

Re: Roles with passwords; SET ROLE ... WITH PASSWORD ?

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Craig Ringer <craig(at)postnewspapers(dot)com(dot)au>
Cc:	PG-General Mailing List <pgsql-general(at)postgresql(dot)org>
Subject:	Re: Roles with passwords; SET ROLE ... WITH PASSWORD ?
Date:	2009-12-02 15:04:42
Message-ID:	12704.1259766282@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

Craig Ringer <craig(at)postnewspapers(dot)com(dot)au> writes:
> Anyway ... I'm curious about whether `SET ROLE rolename WITH PASSWORD'
> is something that's technically practical to implement in PostgreSQL and
> what people think about the idea.

Seems like it would have all the standard problems with cleartext
passwords being exposed in pg_stat_activity, system logs, etc.
Also, what about people who are using more-secure-than-password
auth methods, like Kerberos?

I'm not really for it.

regards, tom lane

In response to

Roles with passwords; SET ROLE ... WITH PASSWORD ? at 2009-12-02 14:18:17 from Craig Ringer

Responses

Re: Roles with passwords; SET ROLE ... WITH PASSWORD ? at 2009-12-02 15:39:59 from Michael Gould
Re: Roles with passwords; SET ROLE ... WITH PASSWORD ? at 2009-12-02 16:41:11 from Craig Ringer

Browse pgsql-general by date

	From	Date	Subject
Next Message	Albe Laurenz	2009-12-02 15:17:03	Re: quote string exactly as it is
Previous Message	Tom Lane	2009-12-02 14:52:41	Re: Postgres Dump out of order