| From: | Jan Wieck <JanWieck(at)Yahoo(dot)com> |
|---|---|
| To: | "Marc G(dot) Fournier" <scrappy(at)hub(dot)org> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Password sub-process ... |
| Date: | 2002-07-26 14:02:58 |
| Message-ID: | 3D415692.AF19CA0@Yahoo.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
"Marc G. Fournier" wrote:
>
> Something to maybe add to the TODO list, if someone has the
> time/inclination to work on it ...
>
> The problem with the current auth system, as I see it, is that you can't
> easily have seperate user lists and passwords per database ... its shared
> across the system ...
I don't see a problem with that in general. Other databases (like
Informix) do it even worse and you need a UNIX or NIS account where the
password is held!
What would be good is IMHO to have GRANT|REVOKE CONNECT which defaults
to REVOKE, so only superusers and the DB owner can connect, but that the
owner later can change it without the need to edit hba.conf.
Jan
--
#======================================================================#
# It's easier to get forgiveness for being wrong than for being right. #
# Let's break this rule - forgive me. #
#================================================== JanWieck(at)Yahoo(dot)com #
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jan Wieck | 2002-07-26 14:11:47 | Going on vacation |
| Previous Message | Marc G. Fournier | 2002-07-26 13:48:53 | Password sub-process ... |