From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Lamar Owen <lamar(dot)owen(at)wgcr(dot)org> |
Cc: | Vince Vielhaber <vev(at)michvhf(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Open 7.3 items |
Date: | 2002-08-14 21:44:28 |
Message-ID: | 16359.1029361468@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Lamar Owen <lamar(dot)owen(at)wgcr(dot)org> writes:
> So the former plain 'postgres' user could still be such to us, to client
> programs, etc, but the backend would assume that that meant
> postgres(at)template1 -- no namespace collision, and the special case is that
> anyone(at)template1 has the behavior the unadorned plain user now has.
The trouble with that scheme is that there is zero interoperability
between the plain-vanilla mode (postgres is postgres in pg_shadow) and
the @-mode (postgres is postgres(at)template1 in pg_shadow). Flip the
configuration switch, in either direction, and you can't log in anymore.
We'd almost have to make it a frozen-at-initdb setting so that initdb
would know which form to put into pg_shadow for the superuser, and so
that entry wouldn't break thereafter.
The reason I like the "lowen" vs "lowen(at)somedb" pattern is that
database-global users can log in the same way whether the feature is
turned on or not; this eliminates the getting-started problem, as well
as the likelihood of shooting yourself in the foot.
It is true that if you have a global user lowen you'd want to avoid
creating any local users lowen(at)somedb, and that the existing code
wouldn't be able to enforce that. We could possibly add a few lines
to CREATE USER to warn about this mistake. (It should be a warning not
an error, since if you have no intention of ever using the @-feature
then there's no reason to restrict your choice of usernames.)
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2002-08-14 22:01:41 | Re: journaling in contrib ... |
Previous Message | Rod Taylor | 2002-08-14 21:05:48 | Re: encrypted passwords |