Bruce Momjian <maillist@candle.pha.pa.us> writes:
>> DB admin has no business knowing others' passwords. The current security
>> scheme is seriously flawed.
> But it is the db passwords, not the Unix passwords.

I think the original point was that some people use the same or related
passwords for psql as for their login password.

Nonetheless, since we have no equivalent of "passwd" that would let a
db user change his db password for himself, it's a little silly to
talk about hiding db passwords from the admin who puts them in.

If this is a concern, we'd need to add both encrypted storage of
passwords and a remote-password-change feature.

regards, tom lane