From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Paul Tillotson <pntil(at)shentel(dot)net> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords |
Date: | 2005-04-22 00:59:45 |
Message-ID: | 20050422005945.GM29028@ns.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
* Paul Tillotson (pntil(at)shentel(dot)net) wrote:
> Maybe I misunderstood, but I thought that others were saying that, if
> someone gets the contents of pg_shadow, then
>
> - if you use only "password" in your pg_hba.conf, he has to break one of
> the hashes first in order to log in.
> - but if you use "md5" in your pg_hba.conf, then he doesn't have to
> break the hashes at all.
(in order to authenticate to your Postgres installation as a given user)
> Is this correct?
Yes, this is correct.
> I guess I personally felt "betrayed" when I heard this since I (naively)
Me too. :/
> assumed that the point of hashing passwords was to make it so that
> someone who is able to read your database is prevented from logging in
> and corrupting the data, installing root-kits, etc.
The hash in pg_shadow should only be visible to the database superuser,
or someone who has access to the unix account postgres runs as.
> Now I see that the point of md5 authenticate is to address an entirely
> different problem, namely, having the cleartext password being captured
> on the wire.
The intention of the 'md5' method in pg_hba.conf is to avoid having the
password go over the network in the clear, yes. Unfortunately, this
pretty much requires that the database have something which is
password-equivilant stored on disk.
Thanks,
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Greg Stark | 2005-04-22 03:03:41 | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords |
Previous Message | Paul Tillotson | 2005-04-22 00:53:51 | Re: Proposal for background vacuum full/cluster |