| From: | "Kevin Grittner" <Kevin(dot)Grittner(at)wicourts(dot)gov> |
|---|---|
| To: | "Robert Haas" <robertmhaas(at)gmail(dot)com>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Andrew Dunstan" <andrew(at)dunslane(dot)net>, "Pavel Stehule" <pavel(dot)stehule(at)gmail(dot)com>, "Peter Eisentraut" <peter_e(at)gmx(dot)net>, "Dimitri Fontaine" <dfontaine(at)hi-media(dot)com>, "Dave Page" <dpage(at)pgadmin(dot)org>, "PostgreSQL Hackers" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Application name patch - v2 |
| Date: | 2009-10-19 16:08:37 |
| Message-ID: | 4ADC48B5020000250002BB0B@gw.wicourts.gov |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
> Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> I think Pavel's entire line of argument is utter nonsense.
> +1. I can't even understand why we're still arguing about this.
Agreed. One premise of the whole concept was "don't even think of
using it for security"[1]. That's not it's purpose; so any criticisms
on that basis are irrelevant. Claims that it opens new security holes
if you *don't* try to use it for this purpose don't seem to have any
merit that I can see; I don't think Pavel has even attempted to put
such an argument forward.
-Kevin
[1]
http://archives.postgresql.org/message-id/407d949e0907161237r76ebd92av6836c6563d8a230e@mail.gmail.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-10-19 16:12:07 | Re: Rejecting weak passwords |
| Previous Message | Peter Eisentraut | 2009-10-19 16:08:08 | Re: Rejecting weak passwords |