From: | "Donald Fraser" <postgres(at)kiwi-fraser(dot)net> |
---|---|
To: | "[ADMIN]" <pgsql-admin(at)postgresql(dot)org> |
Subject: | Re: WITH SYSID feature dropped |
Date: | 2005-12-23 11:57:06 |
Message-ID: | 01d701c607b7$ff8c6b40$0264a8c0@demolish1 |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
> On Wed, Dec 21, 2005 at 04:35:00PM -0000, Donald Fraser wrote:
> > Roles are a great improvement to postgresql, but we also talking
security
> > issues here:
> > Our module controls things like:
> > 1) how long before a user must change their password (daily, weekly,
monthly
> > etc)
> > 2) password rotation - for example a user cannot use the same password
> > within the last three changes
> > 3) Password semantics: length of password, dictionary word checks and so
> > on...
> > 4) Restricting a users rights until they have changed their password
(they
> > cannot use the system until they change the password set by the
> > administrator)
From: "Jim C. Nasby"
> Can you release any of that code under a BSD license? Some of those
> should arguably be built-in. If nothing else, it would be good reference
> code for others. Though, you can set a 'valid until' limit on roles
> right now, but I suppose that's not exactly the same as what you have.
I was afraid someone might ask that question...
The short answer is no :-(
The long answer is there is too much of our company specific code embedded
within it, which would make for a lot of changes and un-tested code if I
were to sit down and strip all the unnecessary gook out. Additionally there
are implied protocols to adhere to (which means writing additional
documentation), a java automation engine, which in turn uses a modified
postgresql JDBC driver, of which is only at the 7.4 version level. To top it
off the code now doesn't work with version 8.1.x.
As I am a one man band, I have problems keeping on top of everything. I
would on the first instance like to merge some of my JDBC driver
enhancements so that I could then release to the public my automation engine
which would then allow me to release further code... As we are still running
postgresql 7.4 I will have to pull my finger out and get some of these
issues sorted so that we can upgrade to at least 8.0. So may be sometime
next year you'll see some of it in the public domain.... No promises but I
have released other stuff in the past - for example
(http://gborg.postgresql.org/project/citext/projdisplay.php)
Regards
Donald Fraser
From | Date | Subject | |
---|---|---|---|
Next Message | Stephen Frost | 2005-12-23 13:43:47 | Re: WAL and pg_dump |
Previous Message | Mohamed Fazil | 2005-12-23 10:35:34 | Please help me to implement PGSQL8.0 no-installer in Windows 2k, XP & NT ? |