Robert Haas <robertmh...@gmail.com> writes:
> I wonder if we could drum up some support for not including any
> version of the password (even encrypted) in the query string. For
> instance, let's say that to change your password you have to use the
> new CHANGE PASSWORD command which can only be used at top level (not
> inside PL code or whatever) and always takes a single parameter that
> must be supplied via the extended query protocol.
How would pg_dumpall cope with transferring passwords then?
I could see insisting that plain-text passwords be supplied only
that way. But removing the ability to have encrypted passwords
in-line seems like a serious operational problem with little benefit.
regards, tom lane
