Re: psql and security

From: Tom Lane
Subject: Re: psql and security
Msg-id: 28061.1001082578@sss.pgh.pa.us
In response to: psql and security  (Tatsuo Ishii <t-ishii@sra.co.jp>)
Responses: Re: psql and security
List: pgsql-hackers

Tatsuo Ishii <t-ishii@sra.co.jp> writes:
> As you can see, psql reconnects as any user if the password is the same as
> foo. Of course this is due to the careless password setting, but I
> think it's better to prompt ANY TIME the user tries to switch to
> another user. Comments?

Yeah, I agree.  Looks like a simple change in dbconnect():
    /*
     * Use old password if no new one given (if you didn't have an old
     * one, fine)
     */
    if (!pwparam && oldconn)
        pwparam = PQpass(oldconn);

to

    /*
     * Use old password (if any) if no new one given and we are
     * reconnecting as same user
     */
    if (!pwparam && oldconn && PQuser(oldconn) && userparam &&
        strcmp(PQuser(oldconn), userparam) == 0)
        pwparam = PQpass(oldconn);

        regards, tom lane
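
The two conditions from the message above, side by side, as an added example that is not part of the original post or of psql's source. To run without libpq, the hypothetical `struct old_conn` stands in for the values the snippet reads through `PQuser()` and `PQpass()`; the function names and sample credentials are constructed, and a NULL result models "no password carried over".

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for what PQuser()/PQpass() return for the
 * previous connection; not libpq's real PGconn. */
struct old_conn {
    const char *user;
    const char *pass;
};

/* Before: any reconnect without a new password inherits the old one. */
const char *pick_password_before(const char *pwparam,
                                 const struct old_conn *oldconn,
                                 const char *userparam)
{
    (void) userparam;           /* target user is never consulted */
    if (!pwparam && oldconn)
        pwparam = oldconn->pass;
    return pwparam;
}

/* After: inherit the old password only when the target user matches. */
const char *pick_password_after(const char *pwparam,
                                const struct old_conn *oldconn,
                                const char *userparam)
{
    if (!pwparam && oldconn && oldconn->user && userparam &&
        strcmp(oldconn->user, userparam) == 0)
        pwparam = oldconn->pass;
    return pwparam;
}

int main(void)
{
    /* Constructed sample session: connected as "alice". */
    struct old_conn c = { "alice", "s3cret" };
    const char *targets[] = { "alice", "bob", NULL };

    for (int i = 0; i < 3; i++) {
        const char *b = pick_password_before(NULL, &c, targets[i]);
        const char *a = pick_password_after(NULL, &c, targets[i]);
        /* With the condition as written, a NULL userparam also
         * carries nothing over. */
        printf("target=%-6s before=%-8s after=%s\n",
               targets[i] ? targets[i] : "(null)",
               b ? "reused" : "none", a ? "reused" : "none");
    }
    return 0;
}
```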

