Re: Rejecting weak passwords
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Dave Page <dpage@pgadmin.org>
Cc: Robert Haas <robertmhaas@gmail.com>, Mark Mielke <mark@mark.mielke.cc>, Kevin Grittner <Kevin.Grittner@wicourts.gov>, Andrew Dunstan <andrew@dunslane.net>, Marko Kreen <markokr@gmail.com>, Magnus Hagander <magnus@hagander.net>, Greg Stark <gsstark@mit.edu>, Bruce Momjian <bruce@momjian.us>, pgsql-hackers <pgsql-hackers@postgresql.org>, mlortiz <mlortiz@uci.cu>, Albe Laurenz <laurenz.albe@wien.gv.at>
Date: 2009-10-15T18:12:06Z
Lists: pgsql-hackers
Dave Page <dpage@pgadmin.org> writes: > On Thu, Oct 15, 2009 at 6:43 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: >> Yes, and it's an optional flag that could perfectly well be implemented >> in the plugin that I think we do have consensus to add a hook for. >> The argument is over why do we need to litter the core system with it. > I already said that would suit me. The only other requirement I would > have is a way for pgAdmin or other clients to figure out if that flag > was set so they could construct queries appropriately (and yes, that > could include refusing to send plain text passwords over non-SSL > connections). Well, if it's a GUC implemented by a plugin, it's still a GUC. All you need is some side agreement between pgAdmin and potential GUC authors about what the GUC will be called. regards, tom lane