From: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | brandys(at)eng3(dot)hep(dot)uiuc(dot)edu (todd brandys) |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: [HACKERS] Re: New pg_pwd patch and stuff |
Date: | 1998-01-20 19:53:38 |
Message-ID: | 199801201953.OAA06969@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> I agree that we should do the check for the 'World-readable'
> pg_user and give a warning if someone attempts to assign a password.
> I still think the admin should be given an option in the dbinit script to
> choose whether or no to run the 'REVOKE'. At this point it would be easy
> to inform the admin what the trade-offs are, and we will have his/her
> undivided attention (They will be more apt to read about it to get past the
> prompt.).
>
> These changes should not take long to make. I need to get the current
> CVS version (I will do so tonight), and I should have the changes
> (performed and tested) in a day or so.
Sure, why not ask the admin. Saves him a step when he tries to do the
first password. I just think we should also check when doing a password
change, which makes sense.
--
Bruce Momjian
maillist(at)candle(dot)pha(dot)pa(dot)us
From | Date | Subject | |
---|---|---|---|
Next Message | James Hughes | 1998-01-20 20:13:29 | Re: [HACKERS] Authentication Woes |
Previous Message | The Hermit Hacker | 1998-01-20 19:43:51 | Re: [HACKERS] Authentication Woes |