Re: Rejecting weak passwords - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Rejecting weak passwords
Date
Msg-id 11180.1255630326@sss.pgh.pa.us
Whole thread Raw
In response to Re: Rejecting weak passwords  (Dave Page <dpage@pgadmin.org>)
List pgsql-hackers
Dave Page <dpage@pgadmin.org> writes:
> On Thu, Oct 15, 2009 at 6:43 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> Yes, and it's an optional flag that could perfectly well be implemented
>> in the plugin that I think we do have consensus to add a hook for.
>> The argument is over why do we need to litter the core system with it.

> I already said that would suit me. The only other requirement I would
> have is a way for pgAdmin or other clients to figure out if that flag
> was set so they could construct queries appropriately (and yes, that
> could include refusing to send plain text passwords over non-SSL
> connections).

Well, if it's a GUC implemented by a plugin, it's still a GUC.  All you
need is some side agreement between pgAdmin and potential GUC authors
about what the GUC will be called.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Mark Mielke
Date:
Subject: Re: Rejecting weak passwords
Next
From: Tom Lane
Date:
Subject: Re: Rejecting weak passwords