You know I didn't even think about that, duh. I was thinking of using it
inside a function where the password could be obtained on the database
server itself somehow, avoiding the need to pass any passwords from the web
application and simplifying a rather complicated permission structure we
have where we have anonymous users that need insert rights on a whole bunch
of different schema's.
Chris
----- Original Message -----
From: "Bruce Momjian" <pg***@candle.pha.pa.us>
To: "Chris Ochs" <ch***@paymentonline.com>
Cc: <pg***********@postgresql.org>
Sent: Tuesday, June 15, 2004 8:02 AM
Subject: Re: [GENERAL] Feature ideaChris Ochs wrote:
What if SET SESSION AUTHORIZATION could also accept a password so that non superusers could switch to a different user? How difficult would this
be?
Well, the password would go over the wire unencrypted, causing a
security problem.
--
Bruce Momjian | http://candle.pha.pa.us
pg***@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania
19073
---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html