Tom Lane wrote: > Bruce Momjian <bruce@xxxxxxxxxx> writes: > > Tom Lane wrote: > >> Now that we have SQL-level CONNECT privilege, I wonder just how much > >> functionality would be lost if we got rid of the flat files and told > >> people they had to use CONNECT to do any per-user or per-database > >> access control. > >> > >> The main point I can see offhand is that password checking would have > >> to be done a lot later in the startup sequence, with correspondingly > >> more cycles wasted to reject bad passwords. > > > Is this a TODO? > > Well, it's a TO-THINK-ABOUT anyway. I think the appropriate next step > would not be to write code, but to do a detailed investigation of what > would be gained or lost. I don't remember exactly what we do with the > flat-file contents. The flat file is the username/password sorted list. We load that info into the postmaster in an array that we can binary sort. I wonder how big the postmaster process address space was when handling 2 billion users: http://archives.postgresql.org/pgsql-bugs/2009-07/msg00176.php It seems just storing many users in the postmaster could be burdensome, but fixing that would be creating something like a database, which we already have. ;-) -- Bruce Momjian <bruce@xxxxxxxxxx> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-performance mailing list (pgsql-performance@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-performance
