| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Dave Page <dpage(at)pgadmin(dot)org>, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Rejecting weak passwords |
| Date: | 2009-10-01 17:12:32 |
| Message-ID: | 9837222c0910011012u6bcf5d1al8057183ed27554df@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Oct 1, 2009 at 19:07, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Magnus Hagander <magnus(at)hagander(dot)net> writes:
>> On Thu, Oct 1, 2009 at 17:24, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>> I agree with the subsequent comments suggesting a sample module that
>>> actually does something useful --- although if it's going to link to
>>> external code like cracklib, it probably is going to have to be on
>>> pgfoundry not in contrib.
>
>> Why is that? we have plenty of other things in contrib that rely on
>> external code, for example the uuid, xml or ssl stuff.
>
> Well, maybe. I was concerned about availability, portability, license
> compatibility, and so on. The bar's a lot lower for pgfoundry projects
> on all those points ...
Fair enough. And on the licensing issue.
That said, it would still be good to have something actually *useful*
in contrib. A bit more than just comparing userid and password.
Perhaps at least being able to set the min length, and the requirement
on having >1 "character class"?
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-10-01 17:13:09 | Re: Limit allocated memory per session |
| Previous Message | Euler Taveira de Oliveira | 2009-10-01 17:07:48 | Re: Rejecting weak passwords |