On Tue, Mar 8, 2022 at 9:28 PM Stephen Frost <sfrost@snowman.net> wrote:
>
> Greetings,
>
> * Jeff Davis (pgsql@j-davis.com) wrote:
> > On Wed, 2022-03-02 at 10:54 -0500, Stephen Frost wrote:
> > > It's our decision what we want to support and maintain in the code
> > > base
> > > and what we don't.
> >
> > That might be an argument in favor of custom auth methods, because we
> > could move built-in methods that we don't like into a contrib module
> > that implements it as a custom auth method.
>
> Feel like I already answered this but just to be clear- I don't view
> that as actually addressing the issue since we'd still be maintaining
> and distributing insecure auth methods.
+1.
And contrib, in particular, is already a mix of very important, stable
ad useful things, and things that are just pure testing or examples
that nobody in their right mind should use. Putting something security
related there seems like a terrible idea on it's own, independent from
shipping things that are known insecure. (yes, I know sepgsql it
there. Which certainly doesn't help tell people if it's something that
could be relied on or not)
--
Magnus Hagander
Me: https://www.hagander.net/
Work: https://www.redpill-linpro.com/
