Re: Removing a user's password
| От | Michael Brusser |
|---|---|
| Тема | Re: Removing a user's password |
| Дата | |
| Msg-id | IGEFLDJHFEOIFILGOFDJMEBPCAAA.michael@synchronicity.com обсуждение исходный текст |
| Ответ на | Re: Removing a user's password (Bruce Momjian <pgman@candle.pha.pa.us>) |
| Ответы |
Re: Removing a user's password
|
| Список | pgsql-hackers |
Is setting password to NULL better then deleting user? Mike -----Original Message----- From: pgsql-hackers-owner@postgresql.org [mailto:pgsql-hackers-owner@postgresql.org]On Behalf Of Bruce Momjian Sent: Monday, May 26, 2003 2:32 PM To: Tom Lane Cc: PostgreSQL-development Subject: Re: [HACKERS] Removing a user's password Tom Lane wrote: > Bruce Momjian <pgman@candle.pha.pa.us> writes: > > What capabilities do we have for removing a user's password? > > If you set VALID UNTIL to 'now' (or sometime in the past), you've > effectively prevented him from logging in with the password --- > more effectively than setting the password to NULL, since if the > user is still logged in he can just undo that. I don't think we > really need to do anything more here. Well, can they undo the VALID UNTIL too? I think at a minimum we need to document the proper procedure for removing a password. I see NULL as a more logical way of removing the password rather than playing with VALID UNTIL. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania19073 ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to majordomo@postgresql.org so that your message can get through to the mailing list cleanly
В списке pgsql-hackers по дате отправления: