On 10/19/2017 09:20 AM, Desidero wrote: > I agree that it would be better for us to use something other than > LDAP, but unfortunately it's difficult to convince the powers that be > that we can/should use something else that they are not yet prepared > to properly manage/audit. We are working towards it, but we're not > there yet. It's not really an exuse, but until the industry password > policies are modified to outright ban passwords, many businesses will > probably be in this position. > > In any event, is the use case problematic enough that it would prevent > the proposed changes from being implemented? I could submit a patch to > postgres hackers if necessary, but if it's undesirable I can figure > out something else. > Please don't top-post on the PostgreSQL lists. You said you wanted to allow anonymous pipes, but I think what you really want is a named pipe. I don't see any reason in principle to disallow use of a named pipe as a password file. It could be a bit of a footgun, though, since writing to the fifo would block until it was opened by the client, so you'd need to be very careful about that. cheers andrew -- Andrew Dunstan https://www.2ndQuadrant.com PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
