Baoding-FenShuaJiang
/
Green_GoodERP18_FSJ_Standard
关注 1
点赞 0
百科 捐赠
gooderp18绿色标准版
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
分支: master
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 'master'
${ noResults }
Green_GoodERP18_FSJ_Standard/PostgreSQL/doc/postgresql/html/passwordcheck.html

42 行
4.7KB
原始文件 永久链接 Blame 文件历史 

  1. <?xml version="1.0" encoding="UTF-8" standalone="no"?>

  2. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>F.23. passwordcheck</title><link rel="stylesheet" type="text/css" href="stylesheet.css" /><link rev="made" href="pgsql-docs@lists.postgresql.org" /><meta name="generator" content="DocBook XSL Stylesheets V1.79.1" /><link rel="prev" href="pageinspect.html" title="F.22. pageinspect" /><link rel="next" href="pgbuffercache.html" title="F.24. pg_buffercache" /></head><body><div xmlns="http://www.w3.org/TR/xhtml1/transitional" class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="5" align="center">F.23. passwordcheck</th></tr><tr><td width="10%" align="left"><a accesskey="p" href="pageinspect.html" title="F.22. pageinspect">Prev</a> </td><td width="10%" align="left"><a accesskey="u" href="contrib.html" title="Appendix F. Additional Supplied Modules">Up</a></td><th width="60%" align="center">Appendix F. Additional Supplied Modules</th><td width="10%" align="right"><a accesskey="h" href="index.html" title="PostgreSQL 12.4 Documentation">Home</a></td><td width="10%" align="right"> <a accesskey="n" href="pgbuffercache.html" title="F.24. pg_buffercache">Next</a></td></tr></table><hr></hr></div><div class="sect1" id="PASSWORDCHECK"><div class="titlepage"><div><div><h2 class="title" style="clear: both">F.23. passwordcheck</h2></div></div></div><a id="id-1.11.7.32.2" class="indexterm"></a><p>

  3.   The <code class="filename">passwordcheck</code> module checks users' passwords

  4.   whenever they are set with

  5.   <a class="xref" href="sql-createrole.html" title="CREATE ROLE"><span class="refentrytitle">CREATE ROLE</span></a> or

  6.   <a class="xref" href="sql-alterrole.html" title="ALTER ROLE"><span class="refentrytitle">ALTER ROLE</span></a>.

  7.   If a password is considered too weak, it will be rejected and

  8.   the command will terminate with an error.

  9.  </p><p>

  10.   To enable this module, add <code class="literal">'$libdir/passwordcheck'</code>

  11.   to <a class="xref" href="runtime-config-client.html#GUC-SHARED-PRELOAD-LIBRARIES">shared_preload_libraries</a> in

  12.   <code class="filename">postgresql.conf</code>, then restart the server.

  13.  </p><p>

  14.   You can adapt this module to your needs by changing the source code.

  15.   For example, you can use

  16.   <a class="ulink" href="https://sourceforge.net/projects/cracklib/" target="_top">CrackLib</a>

  17.   to check passwords — this only requires uncommenting

  18.   two lines in the <code class="filename">Makefile</code> and rebuilding the

  19.   module.  (We cannot include <span class="productname">CrackLib</span>

  20.   by default for license reasons.)

  21.   Without <span class="productname">CrackLib</span>, the module enforces a few

  22.   simple rules for password strength, which you can modify or extend

  23.   as you see fit.

  24.  </p><div class="caution"><h3 class="title">Caution</h3><p>

  25.    To prevent unencrypted passwords from being sent across the network,

  26.    written to the server log or otherwise stolen by a database administrator,

  27.    <span class="productname">PostgreSQL</span> allows the user to supply

  28.    pre-encrypted passwords. Many client programs make use of this

  29.    functionality and encrypt the password before sending it to the server.

  30.   </p><p>

  31.    This limits the usefulness of the <code class="filename">passwordcheck</code>

  32.    module, because in that case it can only try to guess the password.

  33.    For this reason, <code class="filename">passwordcheck</code> is not

  34.    recommended if your security requirements are high.

  35.    It is more secure to use an external authentication method such as GSSAPI

  36.    (see <a class="xref" href="client-authentication.html" title="Chapter 20. Client Authentication">Chapter 20</a>) than to rely on

  37.    passwords within the database.

  38.   </p><p>

  39.    Alternatively, you could modify <code class="filename">passwordcheck</code>

  40.    to reject pre-encrypted passwords, but forcing users to set their

  41.    passwords in clear text carries its own security risks.

  42.   </p></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="pageinspect.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="contrib.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="pgbuffercache.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">F.22. pageinspect </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> F.24. pg_buffercache</td></tr></table></div></body></html>
上海开阖软件有限公司 沪ICP备12045867号-1