Re: Feature idea
| От | Bruce Momjian |
|---|---|
| Тема | Re: Feature idea |
| Дата | |
| Msg-id | 200406151529.i5FFTgj19806@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | Re: Feature idea (Bill Moran <wmoran@potentialtech.com>) |
| Ответы |
Re: Feature idea
|
| Список | pgsql-general |
Bill Moran wrote: > Bruce Momjian <pgman@candle.pha.pa.us> wrote: > > > Chris Ochs wrote: > > > > > > What if SET SESSION AUTHORIZATION could also accept a password so that non > > > superusers could switch to a different user? How difficult would this be? > > > > Well, the password would go over the wire unencrypted, causing a > > security problem. > > Only if encrypted transport is not enabled. With encrypted transport, it would > be as secure as anything else, right? > > Perhaps, it could only be available if transmission encryption is enabled? Then > again, there's a certain amount of "only the user can shoot his own foot" that > has to be accepted ... > > Just thinking out loud ... Yes, if you use SSH it is secure, but do we want clauses that are only useful in SSH mode? -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
В списке pgsql-general по дате отправления: