Re: [HACKERS] scram and \password
| От | Robert Haas |
|---|---|
| Тема | Re: [HACKERS] scram and \password |
| Дата | |
| Msg-id | CA+TgmoZ1oCu6pdRaj4sexaSPUooLcgRzrwd6qMV-SB7JsqTAmQ@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: [HACKERS] scram and \password (Heikki Linnakangas <hlinnaka@iki.fi>) |
| Ответы |
Re: [HACKERS] scram and \password
|
| Список | pgsql-hackers |
On Tue, May 2, 2017 at 3:42 AM, Heikki Linnakangas <hlinnaka@iki.fi> wrote: > There's going to be a default, one way or another. The default is going to > come from password_encryption, or it's going to be a hard-coded value or > logic based on server-version in PQencryptPasswordConn(). Or it's going to > be a hard-coded value or logic implemented in every application that uses > PQencryptPasswordConn(). I think looking at password_encryption makes the > most sense. The application is not in a good position to make the decision, > and forcing the end-user to choose every time they change a password is too > onerous. I think there should be no default, and the caller should have to pass the algorithm explicitly. If they want to determine what default to pass by running 'SHOW password_encryption', that's their choice. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
В списке pgsql-hackers по дате отправления: