| From: | Kenneth Marshall <ktm(at)rice(dot)edu> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Dave Page <dpage(at)pgadmin(dot)org>, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Rejecting weak passwords |
| Date: | 2009-10-01 17:19:40 |
| Message-ID: | 20091001171940.GM6749@it.is.rice.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Oct 01, 2009 at 01:07:04PM -0400, Tom Lane wrote:
> Magnus Hagander <magnus(at)hagander(dot)net> writes:
> > On Thu, Oct 1, 2009 at 17:24, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> >> I agree with the subsequent comments suggesting a sample module that
> >> actually does something useful --- although if it's going to link to
> >> external code like cracklib, it probably is going to have to be on
> >> pgfoundry not in contrib.
>
> > Why is that? we have plenty of other things in contrib that rely on
> > external code, for example the uuid, xml or ssl stuff.
>
> Well, maybe. I was concerned about availability, portability, license
> compatibility, and so on. The bar's a lot lower for pgfoundry projects
> on all those points ...
>
> regards, tom lane
>
It has been a while since I last used cracklib, but the interface
is generic enough that the sample we would ship in contrib could
be trivially adapted to use cracklib. The version we include could
just have the (username = password) check or something similar.
Regards,
Ken
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2009-10-01 17:20:29 | Re: Limit allocated memory per session |
| Previous Message | Stephen Frost | 2009-10-01 17:16:26 | Re: Limit allocated memory per session |