You know I didn't even think about that, duh. I was thinking of using it
inside a function where the password could be obtained on the database
server itself somehow, avoiding the need to pass any passwords from the web
application and simplifying a rather complicated permission structure we
have where we have anonymous users that need insert rights on a whole bunch
of different schema's.
Chris
> ----- Original Message -----
> From: "Bruce Momjian" <pgman@candle.pha.pa.us>
> To: "Chris Ochs" <chris@paymentonline.com>
> Cc: <pgsql-general@postgresql.org>
> Sent: Tuesday, June 15, 2004 8:02 AM
> Subject: Re: [GENERAL] Feature idea
>
>
> > Chris Ochs wrote:
> > >
> > > What if SET SESSION AUTHORIZATION could also accept a password so that
> non
> > > superusers could switch to a different user? How difficult would this
> be?
> >
> > Well, the password would go over the wire unencrypted, causing a
> > security problem.
> >
> > --
> > Bruce Momjian | http://candle.pha.pa.us
> > pgman@candle.pha.pa.us | (610) 359-1001
> > + If your life is a hard drive, | 13 Roberts Road
> > + Christ can be your backup. | Newtown Square, Pennsylvania
> 19073
> >
>
