Re: Should rolpassword be toastable?

Nathan Bossart <nathandbossart@gmail.com>

From: Nathan Bossart <nathandbossart@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: "Jonathan S. Katz" <jkatz@postgresql.org>, Jacob Champion <jacob.champion@enterprisedb.com>, Michael Paquier <michael@paquier.xyz>, Alexander Lakhin <exclusion@gmail.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2024-10-04T14:47:56Z
Lists: pgsql-hackers
On Thu, Oct 03, 2024 at 10:33:04PM -0400, Tom Lane wrote:
> "Jonathan S. Katz" <jkatz@postgresql.org> writes:
>> I think Tom's initial suggestion (BLCKSZ/2) is better than 256, given we 
>> really don't know what' out there in the wild, and this could end up 
>> being a breaking change. Every other type in pg_authid is pretty small. 
> 
> I'm having second thoughts about that though, based on the argument
> that we don't really want a platform-dependent limit here.
> Admittedly, nobody changes BLCKSZ on production systems, but it's
> still theoretically an issue.  I don't have a problem with selecting
> a larger limit such as 512 or 1024 though.

Since BLCKSZ can be as low as 1024, I think 512 would be a good choice.

> However, if you wanted to allow multiple passwords I'm not
> sure about a good way.

The most recent proposal I'm aware of [0] did seem to target that use-case.
One option might be to move rolpassword to a different catalog.  In any
case, I don't think it matters much for the patch at hand.

[0] https://postgr.es/m/CAGB%2BVh5SQQorNDEKP%2B0G%3DsmxHRhbhs%2BVkmQWD5Vh98fmn8X4dg%40mail.gmail.com

-- 
nathan



Commits

  1. Restrict password hash length.

  2. Remove pg_authid's TOAST table.

  3. Remove arbitrary restrictions on password length.