
Re: Encrypting pg_shadow passwords

From: fche(at)redhat(dot)com (Frank Ch(dot) Eigler)
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Encrypting pg_shadow passwords
Date: 2001-06-27 13:58:08
Message-ID: o5lmmegh3j.fsf@toenail.toronto.redhat.com
Lists: pgsql-hackers
pgman wrote:

: OK, I get you now.  Why not ask the client to do a crypt and compare
: that to pg_shadow.  [...]

You can't trust the client to do the one-way encryption, for then the
encrypted password becomes plaintext-equivalent - it defeats the
purpose.  (The SMB protocol apparently suffers or suffered from a
similar flaw.)


tgl wrote:

: What this discussion seems to come down to is whether we should take a
: backward step in one area of security (security against wire-sniffing)
: to take a forward step in another (not storing plaintext passwords).
: [...]

It seems to me that the two issues are orthogonal.  Authentication and
confidentiality are not mutually dependent or reinforcing, and thus
generally need separate mechanisms.


- FChE
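An added illustration, not part of the original thread, of the point made above about client-side hashing: in a constructed toy model of both designs, a leaked stored hash authenticates by itself when the client computes the hash, and does not when the server computes it. PBKDF2-SHA256 stands in for crypt(); the property shown does not depend on the primitive.

```python
import hashlib
import hmac
import os

# Constructed toy models of the two designs discussed in the thread.
# PBKDF2-SHA256 is used here instead of the crypt() of 2001; the
# plaintext-equivalence property is independent of the hash chosen.

def hash_password(password: str, salt: bytes) -> bytes:
    """One-way, salted password hash (the value kept in pg_shadow)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Design A (the proposal being rejected): the CLIENT computes the hash and
# sends it; the server only compares it with the stored value.
def client_hashes_verify(stored: bytes, token_from_client: bytes) -> bool:
    return hmac.compare_digest(stored, token_from_client)

# Design B: the client sends the password and the SERVER hashes it with the
# stored salt before comparing. Protecting the password on the wire is a
# separate (confidentiality) mechanism, which is the orthogonality point.
def server_hashes_verify(stored: bytes, salt: bytes, password_from_client: str) -> bool:
    return hmac.compare_digest(stored, hash_password(password_from_client, salt))

def stored_value_is_plaintext_equivalent(design: str) -> bool:
    """True if knowing only the stored hash (e.g. from a copy of pg_shadow)
    is sufficient to authenticate under the named design."""
    salt = os.urandom(16)
    stored = hash_password("correct horse", salt)  # constructed sample password
    if design == "client_hashes":
        # Whoever read pg_shadow replays the stored value verbatim.
        return client_hashes_verify(stored, stored)
    if design == "server_hashes":
        # The same party can only offer the stored value as if it were a
        # password; the server re-hashes it, so it does not match.
        return server_hashes_verify(stored, salt, stored.hex())
    raise ValueError(f"unknown design: {design}")
```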
