Home > mailing lists

Re: \password in psql help - Mailing list pgsql-patches

From	Alvaro Herrera
Subject	Re: \password in psql help
Date	March 26, 2008 13:44:10
Msg-id	20080326134348.GC8100@alvh.no-ip.org Whole thread Raw
In response to	Re: \password in psql help ("Heikki Linnakangas" <heikki@enterprisedb.com>)
Responses	Re: \password in psql help (Magnus Hagander <magnus@hagander.net>)
List	pgsql-patches

Tree view

Heikki Linnakangas wrote:
> Magnus Hagander wrote:
>> +     fprintf(output, _("  \\password [USERNAME]\n"
>> +                  "                 securely change the password for a user\n"));
>
> I would leave out the word "securely". Unless you want to provide
> another command for changing it insecurely ;-). What does it mean,
> anyway?

The point is that the password is encrypted on the client and
transmitted in md5 form.  If you were to use ALTER USER to change the
password, it could end up unencrypted in the server log.

--
Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

pgsql-patches by date:

From: Alvaro Herrera
Date: 26 March 2008, 13:42:28
Subject: Re: Auto Partitioning Patch - WIP version 1

From: Bruce Momjian
Date: 26 March 2008, 13:48:52
Subject: Re: Auto Partitioning Patch - WIP version 1

Re: \password in psql help - Mailing list pgsql-patches

Previous

Next