Magnus Hagander <mag...@hagander.net> writes: > For a one-off password used locally only, we could also consider just using > a guid, and generate it using > http://msdn.microsoft.com/en-us/library/windows/desktop/aa379205(v=vs.85).aspx.
Not sure if that API is intended to create an unpredictable UUID, rather than just a unique one. > Obviously windows only though - do we have *any* Unix platforms that can't > do unix sockets? I'm not aware of any. A look into the git history of pg_config_manual.h shows that QNX and BEOS used to be marked as not having Unix sockets, but of course we dropped support for those in 2006. I'd rather bet on "all non-Windows platforms have Unix sockets" than "all non-Windows platforms have /dev/urandom"; the former standard is far older than the latter. One other thought here: is it actually reasonable to expend a lot of effort on the Windows case? I'm not aware that people normally expect a Windows box to have multiple users at all, let alone non-mutually-trusting users. BTW, a different problem with the proposed patch is that it changes some test cases in ecpg and contrib/dblink, apparently to avoid session reconnections. That seems likely to me to be losing test coverage. Perhaps there is no alternative, but I'd like to have some discussion around that point as well. regards, tom lane -- Sent via pgsql-hackers mailing list (firstname.lastname@example.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers