Re: pg_hba.conf and secondary password file

Peter Eisentraut wrote:
> Bruce Momjian writes:
> 
> > Is it worth keeping this password capability in 7.3?  It requires
> > 'password' in pg_hba.conf, which is not secure, and I am not sure how
> > many OS's still use crypt in /etc/passwd anyway.  Removing the feature
> > would clear up pg_hba.conf options a little.
> 
> Personally, I don't care.  But I'm concerned that some people might use
> this to support different passwords for different databases.  Not sure why
> you'd want that.  Maybe send an advisory to -general to see.

Yes, I will send to general.  I wanted to get feedback from hackers
first --- I will send now.

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026