Re: pg_hba.conf and secondary password file

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org>
Subject: Re: pg_hba.conf and secondary password file
Date: 2002-03-16 00:54:03
Message-ID: Pine.LNX.4.30.0203151952460.767-100000@peter.localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Bruce Momjian writes:

> Is it worth keeping this password capability in 7.3? It requires
> 'password' in pg_hba.conf, which is not secure, and I am not sure how
> many OS's still use crypt in /etc/passwd anyway. Removing the feature
> would clear up pg_hba.conf options a little.

Personally, I don't care. But I'm concerned that some people might use
this to support different passwords for different databases. Not sure why
you'd want that. Maybe send an advisory to -general to see.

--
Peter Eisentraut peter_e(at)gmx(dot)net

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tony Reina 2002-03-16 01:20:09 Anyone have a SQL code for cumulative F distribution function?
Previous Message Bruce Momjian 2002-03-16 00:50:57 Re: pg_hba.conf and secondary password file