Re: How to deny user changing his own password?

Поиск
Список
Период
Сортировка
От nolan@celery.tssi.com
Тема Re: How to deny user changing his own password?
Дата
Msg-id 20030529181801.3793.qmail@celery.tssi.com
обсуждение исходный текст
Ответ на How to deny user changing his own password?  ("adeon" <adeon@tlen.pl>)
Ответы Re: How to deny user changing his own password?  (Bruno Wolff III <bruno@wolff.to>)
Re: How to deny user changing his own password?  (Network Administrator <netadmin@vcsn.com>)
Список pgsql-general
Дерево обсуждения 
> This is the second worst possible reason I can imagine for a feature
> like this. Passwords coded into the frontend ... gosh!

Depending on the application, coding a password into the front end can
be a necessary condition.  Think of a PHP web page script that makes
database calls.  How are you going to prevent other unauthorized
connections from that system?  Passwords aren't a perfect security
device, but they're generally better than no password.

I could see some merit to a 'LOCK' option on the alter user command, so that
the password can only be changed by a superuser.
--
Mike Nolan

В списке pgsql-general по дате отправления:

Предыдущее
От: Bruno Wolff III
Дата:
Сообщение: Re: Blocking access to the database??
Следующее
От: Andrew Sullivan
Дата:
Сообщение: Re: Moving a table to a different schema