Home > mailing lists

Re: One Role, Two Passwords - Mailing list pgsql-hackers

From	Josh Berkus
Subject	Re: One Role, Two Passwords
Date	January 20, 2011 23:35:42
Msg-id	4D38D4C8.8000309@agliodbs.com Whole thread Raw
In response to	Re: One Role, Two Passwords (Daniel Farina <drfarina@acm.org>)
Responses	Re: One Role, Two Passwords (Daniel Farina <drfarina@acm.org>)
List	pgsql-hackers

Tree view

> How does this work with newly created objects? Is there a way to have
> them default objects to a different owner, the parent of the two
> roles?

No, but you could easily assign default permissions.

> In the case of password rotation, the goal would be to
> drop the old password after all clients have had reasonable chance to
> get an update.  One could work around by generating new
> username+password pairs constantly, but there are conveniences to
> having a stable public-identifier for a role in addition to a private
> secret used to authenticate it 

I guess I don't really understand what the real-world use case for this is.

--                                  -- Josh Berkus                                    PostgreSQL Experts Inc.
                        http://www.pgexperts.com

pgsql-hackers by date:

From: "Kevin Grittner"
Date: 20 January 2011, 23:33:33
Subject: Re: SSI and Hot Standby

From: Daniel Farina
Date: 20 January 2011, 23:48:16
Subject: Re: One Role, Two Passwords

Re: One Role, Two Passwords - Mailing list pgsql-hackers

Previous

Next