| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | David Steele <david(at)pgmasters(dot)net>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Bruce Momjian <bruce(at)momjian(dot)us>, Greg Stark <stark(at)mit(dot)edu>, Robert Haas <robertmhaas(at)gmail(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: WIP: SCRAM authentication |
| Date: | 2016-02-15 01:53:06 |
| Message-ID: | 20160215015306.GM3331@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Michael Paquier (michael(dot)paquier(at)gmail(dot)com) wrote:
> On Mon, Feb 15, 2016 at 10:23 AM, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
> > I would start by pointing out that pg_user currently uses pg_shadow..
> > Why do we need pg_shadow or pg_user or related views at all..?
>
> pg_user/pg_shadow have the advantage to be world-readable and mask
> password values.
New views would have that same advantage, should we implement them that
way. Tom's approach is also workable though, where we make the existing
views have a reducaed charter, which is mainly around providing user
lists and simply not include any info about password verifiers or the
like.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Langote | 2016-02-15 01:55:57 | Re: Declarative partitioning |
| Previous Message | Stephen Frost | 2016-02-15 01:51:10 | Re: WIP: SCRAM authentication |