| From: | Hannu Krosing <hannu(at)trust(dot)ee> |
|---|---|
| To: | Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | Gene Sokolov <hook(at)aktrad(dot)ru>, PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org> |
| Subject: | Re: [HACKERS] Updated TODO list |
| Date: | 1999-07-09 07:58:52 |
| Message-ID: | 3785ABBC.1ADE17D8@trust.ee |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Bruce Momjian wrote:
>
> [Charset iso-8859-1 unsupported, filtering to ASCII...]
> > > ADMIN
> > >
> > > * Better interface for adding to pg_group
> > > * More access control over who can create tables and access the database
> > > * Add syslog functionality
> > > * Allow elog() to return error codes, not just messages
> > > * Allow international error message support and add error codes
> > > * Generate postmaster pid file and remove flock/fcntl lock code
> > > * Add ability to specifiy location of lock/socket files
> >
> > How about:
> > * Not storing passwords in plain text
>
> But we don't, do we? I thougth they were hashed.
do
select * from pg_shadow;
I think that it was agreed that it is better when they can't bw snatched
from
network than to have them hashed in db.
Using currently known technologies we must either either know the
original password
and use challenge-response on net, or else use plaintext (or equivalent)
on the wire.
-------------------
Hannu
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jan Wieck | 1999-07-09 08:27:49 | Re: [HACKERS] Arbitrary tuple size |
| Previous Message | Hannu Krosing | 1999-07-09 07:46:53 | Re: [HACKERS] Fwd: Joins and links |