Re: PostgreSQL Password Cracker

I'll do that.  Justin: What's the URL for the .pgpass stuff?  So far I see
mention of using SSL.  That's two items to cover.  Anything else?

On Wed, 1 Jan 2003, Bruce Momjian wrote:

>
> Yes, I have been feeling we should do that.  Justin pointed out just
> yesterday that .pgpass is only mentioned in libpq documentation, and in
> fact there is lots of stuff mentioned in libpq that releates to the
> other interfaces, so it should be pulled out and put in one place.
>
> Does anyone want to tackle this?
>
> ---------------------------------------------------------------------------
>
> Tom Lane wrote:
> > Bruce Momjian <pgman@candle.pha.pa.us> writes:
> > > What do others think?  I am not sure myself.
> >
> > There should definitely be someplace that recommends using SSL across
> > insecure networks (if there's not already).  But it doesn't seem to me
> > to qualify as a FAQ entry.  Somewhere in the admin guide seems more
> > appropriate.  Perhaps under Client Authentication?
> >
> > Maybe someone could even put together enough material to create a whole
> > chapter on security considerations --- this is hardly the only item
> > worthy of mention.
> >
> >             regards, tom lane
> >
>
> --
>   Bruce Momjian                        |  http://candle.pha.pa.us
>   pgman@candle.pha.pa.us               |  (610) 359-1001
>   +  If your life is a hard drive,     |  13 Roberts Road
>   +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html
>