On Mon, May 18, 2015 at 05:00:41PM -0300, Alvaro Herrera wrote: > Bruce Momjian wrote: > > On Mon, May 18, 2015 at 09:32:23PM +0200, Volker Aßmann wrote: > > > > But I like the more general approach proposed by Alvaro, so in case this > > > patch > > > would have a chance to not be immediately rejected, I would try to > > > implement > > > the more generic approach. I would also include a check to ensure at > > > least one > > > reasonably secure way for password recovery is available. For Unix systems > > > "peer" authentication seems to be a good candidate. > > > > Likely to be rejected. > > Why?
Because, as Josh stated, it is more of a bandaid rather than a fix --- we can't protect administrators against themselves in this way without causing a lot of confusion. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + Everyone has their own god. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
