| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, David Steele <david(at)pgmasters(dot)net>, Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Bruce Momjian <bruce(at)momjian(dot)us>, Greg Stark <stark(at)mit(dot)edu>, Robert Haas <robertmhaas(at)gmail(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: WIP: SCRAM authentication |
| Date: | 2016-02-15 01:45:23 |
| Message-ID: | 5746.1455500723@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> Why do we need pg_shadow or pg_user or related views at all..?
A lot of code looks at those just to get usernames. I am not in favor of
breaking such stuff without need.
How about we just say that the password in these old views always reads
out as '********' even when there is a password, and we invent new views
that carry real auth information? (Hopefully in an extensible way.)
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2016-02-15 01:47:24 | Re: WIP: SCRAM authentication |
| Previous Message | Stephen Frost | 2016-02-15 01:23:26 | Re: WIP: SCRAM authentication |