From: | Josh Berkus <josh(at)agliodbs(dot)com> |
---|---|
To: | Daniel Farina <drfarina(at)acm(dot)org> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: One Role, Two Passwords |
Date: | 2011-01-21 00:35:20 |
Message-ID: | 4D38D4C8.8000309@agliodbs.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> How does this work with newly created objects? Is there a way to have
> them default objects to a different owner, the parent of the two
> roles?
No, but you could easily assign default permissions.
> In the case of password rotation, the goal would be to
> drop the old password after all clients have had reasonable chance to
> get an update. One could work around by generating new
> username+password pairs constantly, but there are conveniences to
> having a stable public-identifier for a role in addition to a private
> secret used to authenticate it
I guess I don't really understand what the real-world use case for this is.
--
-- Josh Berkus
PostgreSQL Experts Inc.
http://www.pgexperts.com
From | Date | Subject | |
---|---|---|---|
Next Message | Daniel Farina | 2011-01-21 00:47:48 | Re: One Role, Two Passwords |
Previous Message | Kevin Grittner | 2011-01-21 00:33:20 | Re: SSI and Hot Standby |