| From: | "Peter Galbavy" <peter(dot)galbavy(at)knowtion(dot)net> |
|---|---|
| To: | "Bruno Wolff III" <bruno(at)wolff(dot)to>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Alvaro Herrera" <alvherre(at)dcc(dot)uchile(dot)cl>, "Rod Taylor" <rbt(at)rbt(dot)ca>, "Hackers" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: ALTER USER |
| Date: | 2003-03-17 14:32:47 |
| Message-ID: | 006701c2ec92$1552bf40$7c28a8c0@cblan.mblox.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> 1. the userid isn't deleted or anything like that.
>
> 2. validuntil is only checked in password authentication methods; if you
> are able to connect via a non-password auth method (eg IDENT) then it's
> not checked.
>
> I've never been quite sure whether #2 is a bug or a feature, though.
Without knowing the history, I would have assumed that this was added to be
the start of a 'password ageing' function. Similar fields exist in GCOS
passwd files, but very few systems use them.
I got bitten by this when some of my user account (in a 6.x DB) were
invalidated after two years. Like I remembered to check...
Peter
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff | 2003-03-17 15:10:50 | Re: Error message style guide |
| Previous Message | Tom Lane | 2003-03-17 14:19:54 | Re: ALTER USER |