Bill Moran wrote: > Bruce Momjian <[EMAIL PROTECTED]> wrote: > > > Chris Ochs wrote: > > > > > > What if SET SESSION AUTHORIZATION could also accept a password so that non > > > superusers could switch to a different user? How difficult would this be? > > > > Well, the password would go over the wire unencrypted, causing a > > security problem. > > Only if encrypted transport is not enabled. With encrypted transport, it would > be as secure as anything else, right? > > Perhaps, it could only be available if transmission encryption is enabled? Then > again, there's a certain amount of "only the user can shoot his own foot" that > has to be accepted ... > > Just thinking out loud ...
Yes, if you use SSH it is secure, but do we want clauses that are only useful in SSH mode? -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
