Home > mailing lists

Re: Log of CREATE USER statement - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Log of CREATE USER statement
Date	December 9, 2005 13:58:40
Msg-id	29764.1134151115@sss.pgh.pa.us Whole thread Raw
In response to	Re: Log of CREATE USER statement (Peter Eisentraut <peter_e@gmx.net>)
Responses	Re: Log of CREATE USER statement Re: Log of CREATE USER statement
List	pgsql-hackers

Tree view

Peter Eisentraut <peter_e@gmx.net> writes:
> Users who choose a password 
> should have the assurance that the password cannot be seen in 
> plain-text by anyone anywhere.  In a PostgreSQL system, the password 
> can be seen in all kinds of places, like the psql history, the server 
> log, the activity displays, and who knows where else.

As I said already, if the user wishes the password to be secure, he
needs to encrypt it on the client side.  Anything else is just the
illusion of security.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 09 December 2005, 13:42:48
Subject: Re: Log of CREATE USER statement

From: Bruce Momjian
Date: 09 December 2005, 14:03:23
Subject: Re: Log of CREATE USER statement

Re: Log of CREATE USER statement - Mailing list pgsql-hackers

Previous

Next