Re: You're on SecurityFocus.com for the cleartext passwords. - Mailing list pgsql-hackers

From Peter Eisentraut
Subject Re: You're on SecurityFocus.com for the cleartext passwords.
Date
Msg-id Pine.LNX.4.21.0005091659550.387-100000@localhost.localdomain
Whole thread Raw
In response to Re: You're on SecurityFocus.com for the cleartext passwords.  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: You're on SecurityFocus.com for the cleartext passwords.
List pgsql-hackers
Tom Lane writes:

> > Actually, I have some ideas in the pipe that would indeed change the
> > layout of pg_shadow slightly, so this might have to happen anyway.
> 
> How far down the pipe?

It would have to do with the access control work which I had planned to
look at. With the summer and all coming up and the hopefully shorter
release cycle I'm not sure whether I'm going to get to it. The
configuration and build clean-up should happen first anyway.

> It'd be nice if we could fix pg_dumpall to dump CREATE USER commands a
> version before we actually need it ;-).

The problem is that CREATE USER doesn't cover all fields of pg_shadow, in
particular usecatupd. Though perhaps this field is obscure enough to not
bother. Also this will be pretty tricky to get to work for groups. (That
pg_group table really needs a redesign.)


-- 
Peter Eisentraut                  Sernanders väg 10:115
peter_e@gmx.net                   75262 Uppsala
http://yi.org/peter-e/            Sweden



pgsql-hackers by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: CREATE DATABASE WITH OWNER '??';
Next
From: Tom Lane
Date:
Subject: Re: You're on SecurityFocus.com for the cleartext passwords.