Re: md5 passwords and pg_shadow

Tom Lane wrote:
> Neil Conway <nconway(at)klamath(dot)dyndns(dot)org> writes:
> > How many pre-7.2 clients are actually out there? If 'crypt' authentication
> > is deprecated in 7.2, is there any chance it will be removed in
> > 7.3? If it is, it should be safe to switch to the scheme I mentioned
> > in my previous email, which is both less complicated, and
> > "secure-by-default".
>
> I don't see any particular need to change the implementation; what we
> have works and it's flexible. I do think we should change the default
> password_encryption setting soon. IIRC, we agreed to default to FALSE
> at a time when we didn't have md5 password support in the jdbc and odbc
> drivers. We probably should have revisited the decision once we knew
> that 7.2 would ship with md5 support in all client libraries --- but
> we didn't think to.

I did think of it but decided we couldn't release 7.2 that had crypt
broken for 7.1 clients. 90% of folks move moving to 7.2 are from 7.1,
and they don't want to be required to upgrade all their clients at the
same time as the server upgrade.

If no one objects, I will change the default to md5 encrypted pg_shadow
passwords for 7.3.

Objections? To use crypt in pre-7,2 clients, people will have to change
their postgresql.conf setting _before_ loading the database.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026