Re: You're on SecurityFocus.com for the cleartext passwords.

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, Vince Vielhaber <vev(at)michvhf(dot)com>, The Hermit Hacker <scrappy(at)HUB(dot)ORG>, "Sverre H(dot) Huseby" <sverrehu(at)online(dot)no>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: You're on SecurityFocus.com for the cleartext passwords.
Date: 2000-05-07 21:53:12
Message-ID: 19672.957736392@sss.pgh.pa.us
Lists: pgsql-general pgsql-hackers

Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> Tom Lane writes:

>> How will dump/restore and upgrades cope with crypted passwords?

> We could distribute a sed or awk script that you have to run on the dumped
> file to convert the copy to create user commands. Shouldn't be hard to
> write, it's just a question of whether people want to put up with it. It
> seems cleaner than any of the "magic hooks" that have been proposed.

To my mind the real advantage of doing it in a trigger is that
CREATE USER WITH PASSWORD and ALTER USER SET PASSWORD can accept
*either* cleartext or already-hashed password data. That seems
nicer than forcing the user to deal with two syntaxes, upgrade
scripts, etc.

> Actually, I have some ideas in the pipe that would indeed change the
> layout of pg_shadow slightly, so this might have to happen anyway.

How far down the pipe? It'd be nice if we could fix pg_dumpall to
dump CREATE USER commands a version before we actually need it ;-).
I'd like to change the script for 7.1 (or maybe even 7.0.1) but keep
backwards compatibility for the old-style dump scripts until 7.2.
(At the moment I'm kind of kicking myself for not having fixed the
problem when I saw it, but there was no talk of pg_shadow changes
in the air at the time.)

regards, tom lane
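The trigger-style approach Tom describes above (accept either cleartext or already-hashed data on CREATE USER / ALTER USER, so a dump of pg_shadow restores without double-hashing) can be sketched outside the database. This is an added illustration, not code from the thread or from PostgreSQL; the storage format `pbkdf2$<salt>$<digest>` and the `alice` dump line are constructed assumptions, not the scheme the project adopted.

```python
import hashlib
import hmac
import os
import re
from typing import Optional

# Assumed storage format: "pbkdf2$<16 hex salt>$<64 hex digest>".
# Anything that does not match is treated as cleartext and hashed on the way in.
_HASHED_RE = re.compile(r"^pbkdf2\$[0-9a-f]{16}\$[0-9a-f]{64}$")
_ITERATIONS = 100_000


def is_hashed(value: str) -> bool:
    """True if the value already looks like stored hash data.
    Caveat: a cleartext password that happens to match the format would be
    stored verbatim, which is why a recognisable, non-trivial prefix matters."""
    return _HASHED_RE.match(value) is not None


def hash_password(cleartext: str, salt: Optional[bytes] = None) -> str:
    """Salted PBKDF2-SHA256; a fixed salt is only for reproducible tests."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", cleartext.encode(), salt, _ITERATIONS)
    return f"pbkdf2${salt.hex()}${digest.hex()}"


def normalize_password(value: str) -> str:
    """Trigger-style hook: hash cleartext, pass already-hashed data through unchanged."""
    return value if is_hashed(value) else hash_password(value)


def verify_password(cleartext: str, stored: str) -> bool:
    """Constant-time comparison against the stored salt and digest."""
    _, salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", cleartext.encode(), bytes.fromhex(salt_hex), _ITERATIONS
    )
    return hmac.compare_digest(candidate.hex(), digest_hex)


def dump_restore_roundtrip(stored: str) -> str:
    """Simulate pg_dumpall emitting the stored value in a CREATE USER command
    and the restore feeding it back through the same hook (constructed line)."""
    dumped = f"CREATE USER alice WITH PASSWORD '{stored}';"
    restored_value = dumped.split("PASSWORD '", 1)[1].rstrip("';")
    return normalize_password(restored_value)
```

The round-trip function is the property the message argues for: a dump containing hashed data restores to the identical row, while a cleartext password in the same command still gets hashed.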
