From: | "Marc G(dot) Fournier" <scrappy(at)hub(dot)org> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Password sub-process ... |
Date: | 2002-07-30 05:03:28 |
Message-ID: | 20020730020236.H3083-100000@mail1.hub.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, 30 Jul 2002, Bruce Momjian wrote:
> Tom Lane wrote:
> > "Marc G. Fournier" <scrappy(at)hub(dot)org> writes:
> > > First and foremost in my mind ... how do you have two users in the system
> > > with seperate passwords? ...
> > > since as soon as there are two 'bruce' users, only one can have a password
> >
> > Uh, we've *never* supported "two bruce users" ... users have always been
> > installation-wide. I am not sure what the notion of a database-owning
> > user means if user names are not of wider scope than databases.
> >
> > No doubt we could redesign the system so that user names are local to a
> > database, and break a lot of existing setups in the process. But what's
> > the value? If you want separate usernames you can set up separate
> > postmasters. If we change, and you don't want separate user names
> > across databases, you'll be out of luck.
>
> He was being tricky by having different passwords for the same user on
> each database, so one user couldn't get into the other database, even
> though it was the same name. He could actually have a user access
> databases 1,2,3 and another user with a different password access
> databases 4,5,6 because of the username/password files. Now, he can't
> do that.
>
> Having those file function as username lists is already implemented
> better in the new code. The question is whether using those secondary
> passwords is widespread enough that I need to get that into the code
> too. It was pretty confusing for users, so I am hesitant to re-add it,
> but I hate for Marc to lose functionality he had in the past.
You seem to have done a nice job with the + and @ for 'maps' ... how about
third on that states that the map file has a username:password pair in it?
I do like how the pg_hba.conf has changed, just don't like the lose of
functionality :(
From | Date | Subject | |
---|---|---|---|
Next Message | Marc G. Fournier | 2002-07-30 05:04:35 | Re: Password sub-process ... |
Previous Message | Marc G. Fournier | 2002-07-30 05:01:54 | Re: Password sub-process ... |