| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Michael Banck <michael(dot)banck(at)credativ(dot)de> |
| Cc: | Postgres hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Record last password change |
| Date: | 2018-12-11 14:56:54 |
| Message-ID: | 8283.1544540214@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Michael Banck <michael(dot)banck(at)credativ(dot)de> writes:
> The same was requested in https://dba.stackexchange.com/questions/91252/
> how-to-know-when-postgresql-password-is-changed so I was wondering
> whether this would be a welcome change/addition, or whether people think
> it's not worth bothering to implement it?
This has all the same practical problems as recording object creation
times, which we're not going to do either. (You can consult the
archives for details, but from memory, the stickiest aspects revolve
around what to do during dump/reload. Although even CREATE OR REPLACE
offers interesting definitional questions. In the end there are just
too many different behaviors that somebody might want.)
I've heard that if you want to implement a password aging policy, PAM
authentication can manage that for you; but I don't know the details.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-12-11 17:01:19 | Re: Patch for "CREATE TABLE ... (LIKE ... INCLUDING COMMENTS)" |
| Previous Message | Pablo Iranzo Gómez | 2018-12-11 14:52:40 | Re: Introducing SNI in TLS handshake for SSL connections |