Bruce Momjian writes:
> Is it worth keeping this password capability in 7.3? It requires
> 'password' in pg_hba.conf, which is not secure, and I am not sure how
> many OS's still use crypt in /etc/passwd anyway. Removing the feature
> would clear up pg_hba.conf options a little.
Personally, I don't care. But I'm concerned that some people might use
this to support different passwords for different databases. Not sure why
you'd want that. Maybe send an advisory to -general to see.
--
Peter Eisentraut peter_e(at)gmx(dot)net