| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Joe Conway <mail(at)joeconway(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: missing toast table for pg_policy |
| Date: | 2018-02-17 23:52:33 |
| Message-ID: | 20180217235233.td3owoolpfx6zrme@alap3.anarazel.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On 2018-02-18 08:48:37 +0900, Michael Paquier wrote:
> On Sat, Feb 17, 2018 at 08:52:11AM -0800, Andres Freund wrote:
> > On 2018-02-17 11:39:57 -0500, Tom Lane wrote:
> > > pg_authid | rolpassword | text
> >
> > that seems not not to require one.
>
> You can craft SCRAM verifiers that make it fail, which can be easily
> done using this module:
> https://github.com/michaelpq/pg_plugins/tree/master/scram_utils
>
> =# create extension scram_utils ;
> CREATE EXTENSION
> =# select scram_utils_verifier('your_role_name', 'foo', 100, 9000);
> ERROR: 54000: row is too big: size 12224, maximum size 8160
>
> The third argument counts for the number of iterations to generate the
> proof and the fourth controls the salt length.
I've a hard hard hard time believing this is something useful to do. I
mean by that argument you can just cause trouble everywhere by just
storing arbitrarily large stuff via sql.
Greetings,
Andres Freund
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2018-02-18 00:53:27 | Re: missing toast table for pg_policy |
| Previous Message | Michael Paquier | 2018-02-17 23:48:37 | Re: missing toast table for pg_policy |