Heikki Linnakangas wrote:
> Magnus Hagander wrote:
>> +    fprintf(output, _("  \\password [USERNAME]\n"
>> +                             "                 securely change the password 
>> for a user\n"));
> I would leave out the word "securely". Unless you want to provide  
> another command for changing it insecurely ;-). What does it mean, 
> anyway?

The point is that the password is encrypted on the client and
transmitted in md5 form.  If you were to use ALTER USER to change the
password, it could end up unencrypted in the server log.

Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

Sent via pgsql-patches mailing list (pgsql-patches@postgresql.org)
To make changes to your subscription:

Reply via email to