* Michael Paquier (michael.paqu...@gmail.com) wrote: > On Mon, Feb 15, 2016 at 10:23 AM, Stephen Frost <sfr...@snowman.net> wrote: > > I would start by pointing out that pg_user currently uses pg_shadow.. > > Why do we need pg_shadow or pg_user or related views at all..? > > pg_user/pg_shadow have the advantage to be world-readable and mask > password values.
New views would have that same advantage, should we implement them that way. Tom's approach is also workable though, where we make the existing views have a reducaed charter, which is mainly around providing user lists and simply not include any info about password verifiers or the like. Thanks! Stephen
Description: Digital signature