Re: Log of CREATE USER statement

Поиск
Список
Период
Сортировка
От Bruce Momjian
Тема Re: Log of CREATE USER statement
Дата
Msg-id 200512091803.jB9I3GW09471@candle.pha.pa.us
обсуждение исходный текст
Ответ на Re: Log of CREATE USER statement  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: Log of CREATE USER statement  ("Joshua D. Drake" <jd@commandprompt.com>)
Список pgsql-hackers
Дерево обсуждения 
Tom Lane wrote:
> Peter Eisentraut <peter_e@gmx.net> writes:
> > Users who choose a password 
> > should have the assurance that the password cannot be seen in 
> > plain-text by anyone anywhere.  In a PostgreSQL system, the password 
> > can be seen in all kinds of places, like the psql history, the server 
> > log, the activity displays, and who knows where else.
> 
> As I said already, if the user wishes the password to be secure, he
> needs to encrypt it on the client side.  Anything else is just the
> illusion of security.

Should we document this?

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
359-1001+  If your life is a hard drive,     |  13 Roberts Road +  Christ can be your backup.        |  Newtown Square,
Pennsylvania19073

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: Log of CREATE USER statement
Следующее
От: "Joshua D. Drake"
Дата:
Сообщение: Re: Log of CREATE USER statement