Home > mailing lists

Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c) - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c)
Date	February 19, 1998 17:46:22
Msg-id	199802191946.OAA11923@candle.pha.pa.us Whole thread Raw
In response to	Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c) (The Hermit Hacker <scrappy@hub.org>)
Responses	Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c)
List	pgsql-hackers

Tree view

>
> On Thu, 19 Feb 1998, Bruce Momjian wrote:
>
> > >
> > > On Thu, 19 Feb 1998, Bruce Momjian wrote:
> > >
> > > > >     Just curious, but why don't the copy command fall under the same
> > > > > grant/revoke restrictions in the first place?  It sounds to me like we are
> > > > > backing off of the problem instead of addressing it...
> > > >
> > > > grant/revoke works for copy.
> > >
> > >     Ah, okay, so when we have it setup so that a view overrides the
> > > 'grant' of a select, then we're fine?
> >
> > Yep, but can we do that in nine days, and be sure it is tested?
>
>     I don't think so...but I'rather have the obviuos "select * from
> pg_user" closed off, and the more obscure "copy pg_user to stdout" still
> there then have both wide open...its a half measure, but its better then
> no measure...

But it is not secure.  Why have passwords then?

--
Bruce Momjian
maillist@candle.pha.pa.us

pgsql-hackers by date:

From: jwieck@debis.com (Jan Wieck)
Date: 19 February 1998, 17:39:43
Subject: Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c)

From: Bruce Momjian
Date: 19 February 1998, 17:47:41
Subject: Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c)

Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c) - Mailing list pgsql-hackers

Previous

Next