Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1swjbA-005lnu-1f for pgsql-hackers@arkaria.postgresql.org; Fri, 04 Oct 2024 14:48:04 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1swjb9-000nOE-2K for pgsql-hackers@arkaria.postgresql.org; Fri, 04 Oct 2024 14:48:03 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1swjb8-000nNi-KR for pgsql-hackers@lists.postgresql.org; Fri, 04 Oct 2024 14:48:02 +0000 Received: from mail-yw1-x112e.google.com ([2607:f8b0:4864:20::112e]) by makus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1swjb5-002SiO-Sn; Fri, 04 Oct 2024 14:48:01 +0000 Received: by mail-yw1-x112e.google.com with SMTP id 00721157ae682-6e25f3748e0so24180607b3.0; Fri, 04 Oct 2024 07:47:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1728053279; x=1728658079; darn=postgresql.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=D2K9NIuIW06TVQDzca7wLOXW3NMR1dlh/9kdaLYRLnE=; b=hZl+uBvi9uzyHNRTEVNDFYHKN+vrMQxl8hEvB4wCLFFqA2FT6uAIESDLdpcWcJe+6T WunGIV07fbrWJHs7Fi43YJLL+Gt5uQgHqQynzVIu5XGTVp8ItUKZ4xpYw/3By6p18UmY vdVwM4mQVV5MAFdMl1u4lJ+G+/ZLikg2tYiB9vx8LrdAiaQGbgdyd2k8dvLv/0spAJ1c IgpBVl+1y5urNrnUnfHCwicX/fWtlufq+ywMhx02LGkoLVvC4qkbe+lFzvNQErX1Q0FS QaXOLrvXtB9BS6YZuWodUcsrPYmu6Y2zvk5BKwsgZs3T0K8Vlt5U4h31LSWVLZj3nIDG jVnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728053279; x=1728658079; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=D2K9NIuIW06TVQDzca7wLOXW3NMR1dlh/9kdaLYRLnE=; b=aEhPzhQ5Ev+qnIVsVlif2VSHcku9Cuq8uvycugmiCnPctsuv4kVIELGm1+rNw02lHT 7gHMLPVIsk2IpjgfS3uuQUiKIY/oownrt1P0zDFDlIENCq5s5arjOkhSUoQq1t6si0/p 9txQfyjRig7j39lbI8nVJ5L/gn4zViBJ64YrTb8zBER7SdoTBHAGwVU25q4OdxuzUS1D qwbm4M+8WSD/CM418anEl5aeZ1DTkdvEzFk3V5IBkfdsFwW5rFWw1CIbJlZHmER3HxMO e7nXpN/MBhavVJL6ej+c9xAAihIinZu6L1emkdc97nCZBaWXBPgFem5hVeCHMQKsVFLW mMuw== X-Forwarded-Encrypted: i=1; AJvYcCXlBBCGKhP1y30QymLx+KTgkDyd6M0fVrMX6jt/rkdTQJpl3gnvNDO5At3zae4sJu0d6G2i0gtd4Ad5GlsV@postgresql.org X-Gm-Message-State: AOJu0Yz+m2jdJBlbiSeKX8wTKS7U70Mz9dmo17BByGONXB8cZOwHwu9I WQ40LW0Sq5+HOgJqBEJ/we1TNendTJDbPOUpQCWp02CVMCV8EwrBH9k1Uw== X-Google-Smtp-Source: AGHT+IGimsYz5+85HhiYDEEjIhinFtGESagVVfprz1lds/HshbtkrETBs6f6fvi/oce28V/F6rh8Cw== X-Received: by 2002:a05:690c:ec1:b0:686:1240:621a with SMTP id 00721157ae682-6e2c728a26emr30488827b3.31.1728053278876; Fri, 04 Oct 2024 07:47:58 -0700 (PDT) Received: from nathan (162-195-168-172.lightspeed.stlsmo.sbcglobal.net. [162.195.168.172]) by smtp.gmail.com with ESMTPSA id 00721157ae682-6e2bcf965eesm6561587b3.85.2024.10.04.07.47.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Oct 2024 07:47:58 -0700 (PDT) Date: Fri, 4 Oct 2024 09:47:56 -0500 From: Nathan Bossart To: Tom Lane Cc: "Jonathan S. Katz" , Jacob Champion , Michael Paquier , Alexander Lakhin , pgsql-hackers Subject: Re: Should rolpassword be toastable? Message-ID: References: <2445149.1726849661@sss.pgh.pa.us> <465160.1727991546@sss.pgh.pa.us> <473657.1727994294@sss.pgh.pa.us> <510907.1728009184@sss.pgh.pa.us> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <510907.1728009184@sss.pgh.pa.us> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Thu, Oct 03, 2024 at 10:33:04PM -0400, Tom Lane wrote: > "Jonathan S. Katz" writes: >> I think Tom's initial suggestion (BLCKSZ/2) is better than 256, given we >> really don't know what' out there in the wild, and this could end up >> being a breaking change. Every other type in pg_authid is pretty small. > > I'm having second thoughts about that though, based on the argument > that we don't really want a platform-dependent limit here. > Admittedly, nobody changes BLCKSZ on production systems, but it's > still theoretically an issue. I don't have a problem with selecting > a larger limit such as 512 or 1024 though. Since BLCKSZ can be as low as 1024, I think 512 would be a good choice. > However, if you wanted to allow multiple passwords I'm not > sure about a good way. The most recent proposal I'm aware of [0] did seem to target that use-case. One option might be to move rolpassword to a different catalog. In any case, I don't think it matters much for the patch at hand. [0] https://postgr.es/m/CAGB%2BVh5SQQorNDEKP%2B0G%3DsmxHRhbhs%2BVkmQWD5Vh98fmn8X4dg%40mail.gmail.com -- nathan