--On 30. April 2015 08:00:23 -0400 Robert Haas <robertmh...@gmail.com> wrote:
> But... the user could use password authentication with the password > set to "x" and that would be insecure, too, yet not prevented by any > of this. I think it's pretty hard to prevent someone who has > filesystem-level access to the database server from configuring it > insecurely. Sure. But I think the point is to make their engineers to think about what they're doing. Typing in a password gives you at least a hint, that you are probably should use something safe. I agree that you couldn't really make that bullet proof from just this excluded functionality, but i could imagine that this makes sense in a more system-wide context. > > Of course, it's fine for people to make changes like this in their own > copies of PostgreSQL, but I'm not in favor of incorporating those > changes into core. I don't think there's enough general utility to > this to justify that, and more to the point, I think different people > will want different things. We haven't, for example, ever had a > request for this specific thing before. Well, i found at least one of such a proposal here: <http://www.postgresql.org/message-id/CAN2Y=umt7cpkxzhaufw7szeckdwcwsuulmh4xphuxkqbtdu...@mail.gmail.com> -- Thanks Bernd -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
