Joe Conway <[EMAIL PROTECTED]> writes:
> Tom Lane wrote:
>> What do you think about getting rid of the password_from_string state
>> variable? It was always a bit of a kluge, and we don't seem to need
>> it anymore with this approach.
> It is still used in PQconnectionUsedPassword(). That is still needed to
> prevent a non-superuser from logging in as the superuser if the server
> does not require authentication.
No, the test to see if the server actually *asked* for the password is
the important part at that end.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
