Tom Lane wrote:
> Bruce Momjian <bruce@momjian.us> writes:
> > Tom Lane wrote:
> >> Now that we have SQL-level CONNECT privilege, I wonder just how much
> >> functionality would be lost if we got rid of the flat files and told
> >> people they had to use CONNECT to do any per-user or per-database
> >> access control.
> >>
> >> The main point I can see offhand is that password checking would have
> >> to be done a lot later in the startup sequence, with correspondingly
> >> more cycles wasted to reject bad passwords.
>
> > Is this a TODO?
>
> Well, it's a TO-THINK-ABOUT anyway. I think the appropriate next step
> would not be to write code, but to do a detailed investigation of what
> would be gained or lost. I don't remember exactly what we do with the
> flat-file contents.
The flat file is the username/password sorted list. We load that info
into the postmaster in an array that we can binary sort.
I wonder how big the postmaster process address space was when handling
2 billion users:
http://archives.postgresql.org/pgsql-bugs/2009-07/msg00176.php
It seems just storing many users in the postmaster could be burdensome,
but fixing that would be creating something like a database, which we
already have. ;-)
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +