Re: Feature idea
От | Chris Ochs |
---|---|
Тема | Re: Feature idea |
Дата | |
Msg-id | 006501c452ec$5f783750$250a8b0a@chris обсуждение исходный текст |
Ответ на | Feature idea ("Chris Ochs" <chris@paymentonline.com>) |
Список | pgsql-general |
As much as I hate to say it, if it would be insecure when not using ssl, this is a feature that people would definitely use insecurely and one day it would be labeled as a 'security hole' in postgresql. Chris ----- Original Message ----- From: "Bill Moran" <wmoran@potentialtech.com> To: "Bruce Momjian" <pgman@candle.pha.pa.us> Cc: <chris@paymentonline.com>; <pgsql-general@postgresql.org> Sent: Tuesday, June 15, 2004 8:13 AM Subject: Re: [GENERAL] Feature idea > Bruce Momjian <pgman@candle.pha.pa.us> wrote: > > > Chris Ochs wrote: > > > > > > What if SET SESSION AUTHORIZATION could also accept a password so that non > > > superusers could switch to a different user? How difficult would this be? > > > > Well, the password would go over the wire unencrypted, causing a > > security problem. > > Only if encrypted transport is not enabled. With encrypted transport, it would > be as secure as anything else, right? > > Perhaps, it could only be available if transmission encryption is enabled? Then > again, there's a certain amount of "only the user can shoot his own foot" that > has to be accepted ... > > Just thinking out loud ... > > -- > Bill Moran > Potential Technologies > http://www.potentialtech.com >
В списке pgsql-general по дате отправления: