Re: [HACKERS] TODO list updated
Bruce Momjian <pgman@candle.pha.pa.us>
From: Bruce Momjian <pgman@candle.pha.pa.us>
To: Peter Eisentraut <peter_e@gmx.net>
Cc: PostgreSQL-development <pgsql-hackers@postgreSQL.org>
Date: 2000-01-12T23:50:09Z
Lists: pgsql-hackers
[Charset ISO-8859-1 unsupported, filtering to ASCII...] > On 2000-01-12, Bruce Momjian mentioned: > > > I have updated the TODO list to mark all the items that are completed > > for 7.0. > > > > Wow, we're at 32% done! Actually, there are tons of _done_ items on the list. I mentioned only the big undone ones. > > > Are there any additional ones? Are there some names I have forgotten to > > attribute to items? > > * Better interface for adding to pg_group > > It's de facto done. Great. > > * Make postgres user have a password by default > > There's an initdb switch. OK, now we have to decide if we are going to require this be done as part of initdb. I am inclined to say the user _has_ to be _prompted_ in a secure matter for the password as part of initdb. Have a command-line switch for the password is not secure, IMHO, though it is better than nothing. Let's get people's opinions on this, and we can mark it as done. > > * User who can create databases can modify pg_database table > > is on the hit list. I believe the reason this had to be allowed is > createdb() using an actual insert statement to do its thing, which it > won't do any longer once I get all my code together. Some please correct > me if I'm wrong, otherwise I'll yank that code. (Yes, there is code that > specifically _allows_ this.) Great. Also dropping a database required this too. -- Bruce Momjian | http://www.op.net/~candle maillist@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026