| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Magnus Hagander <magnus(at)hagander(dot)net>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, Gregory Stark <stark(at)enterprisedb(dot)com>, pgsql-patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: dblink connection security |
| Date: | 2007-07-08 03:48:24 |
| Message-ID: | 19979.1183866504@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Joe Conway <mail(at)joeconway(dot)com> writes:
> Attached patch implements this proposal, including documentation
> changes. I'll work separately on the back-branch version.
> Any comments/objections?
Looks OK in a fast scan, except that you are not following the message
style guidelines here:
> + ereport(ERROR,
> + (errcode(ERRCODE_S_R_E_PROHIBITED_SQL_STATEMENT_ATTEMPTED),
> + errmsg("connection without password not allowed"),
> + errdetail("non-superuser cannot connect if server does not request password"),
> + errhint("target server authentication method must be changed")));
The guidelines say errdetail and errhint messages should be full
sentences (with initial cap and trailing period). Also possibly
"Target server's auth..." would read better. Also, I'd personally not
leave the "is" out of the errmsg, though that part is surely a judgment
call. Or maybe it should be just errmsg("password is required")?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Joe Conway | 2007-07-08 17:18:31 | Re: dblink connection security |
| Previous Message | Joe Conway | 2007-07-08 03:25:33 | Re: dblink connection security |