Skip site navigation (1) Skip section navigation (2)

Re: Open 7.3 items

From: "Marc G(dot) Fournier" <scrappy(at)hub(dot)org>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Ron Snyder <snyder(at)roguewave(dot)com>,Neil Conway <nconway(at)klamath(dot)dyndns(dot)org>,PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Open 7.3 items
Date: 2002-08-01 01:50:34
Message-ID: 20020731225017.Q83339-100000@mail1.hub.org (view raw or flat)
Thread:
Lists: pgsql-hackers
On Wed, 31 Jul 2002, Bruce Momjian wrote:

> Ron Snyder wrote:
> > >
> > > Yes, is that your pg_hba.conf line?  'password' is insecure over
> > > networks you don't trust.
> >
> > Yes, we're using 'password password' in our pg_hba.conf file.  I trust my
> > network (so far).
>
> That is another major limitation to secondary password files.  In fact,
> md5 will not even work because we assume the username is used as the
> salt for the md5 encryption.  We don't store the salt as part of the
> encrypted password like crypt does.
>
> This was another reason secondary password files were discouraged.

discouraged??  where? :)



In response to

Responses

pgsql-hackers by date

Next:From: Christopher Kings-LynneDate: 2002-08-01 02:06:07
Subject: Re: Trimming the Fat, Part Deux ...
Previous:From: Marc G. FournierDate: 2002-08-01 01:48:56
Subject: Re: Open 7.3 items

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group