Skip site navigation (1) Skip section navigation (2)

Re: Encrypting pg_shadow passwords

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Jim Mercer <jim(at)reptiles(dot)org>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Encrypting pg_shadow passwords
Date: 2001-06-26 04:17:03
Message-ID: 200106260417.f5Q4H4u28496@candle.pha.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
> > The wire is clearly less secure than pg_shadow.
> 
> ah, you've not had a client rooted lately.

I think most people would disagree.

> the wire is far more secure than many default OS installations.

Maybe time for a new OS.  We run on some pretty secure OS's.

> i will not argue that the double-encryption stuff, and MD5 type stuff is
> better.
> 
> however, forcing the dbadmin to store plain-text passwords in pg_shadow
> is at best unwise.
> 
> giving them the option of my mods is a reasonable step towards allowing
> them to avoid that one-stop-shopping facility for crackers, without breaking
> any existing implementations for those who chose to walk what i consider
> an unsafe path.

The big problem is that when we make a change we have to also talk to
old clients to you would have a pretty complex setup to have 'password'
encryption passing the same crypt over the wire all the time.  If not,
why not use 'crypt' authentication.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

In response to

Responses

pgsql-hackers by date

Next:From: Bruce MomjianDate: 2001-06-26 04:20:40
Subject: Re: Encrypting pg_shadow passwords
Previous:From: Jim MercerDate: 2001-06-26 04:12:46
Subject: Re: Encrypting pg_shadow passwords

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group