Re: [HACKERS] Solution to the pg_user passwd problem !?? (c)

From: Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us>
To: brett(at)work(dot)chicken(dot)org (Brett McCormick)
Cc: jwieck(at)debis(dot)com, Andreas(dot)Zeugswetter(at)telecom(dot)at, pgsql-hackers(at)hub(dot)org
Subject: Re: [HACKERS] Solution to the pg_user passwd problem !?? (c)
Date: 1998-02-19 18:16:23
Message-ID: 199802191816.NAA10309@candle.pha.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

>
>
> Have we considering using the unix crypt function for passwords? That
> way it wouldn't matter (as much) if people saw the password, and would
> still be (somewhat less) secure.
>
> On Thu, 19 February 1998, at 15:55:07, Jan Wieck wrote:

I don't know what the problem with using crypt was. It may be because
he passes a random salt to the user, and the user makes the password
packet with the given salt and returns it to the backend. If we use
crypt, we have to send a plaintext password over the network, don't we?

--
Bruce Momjian
maillist(at)candle(dot)pha(dot)pa(dot)us

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Bruce Momjian 1998-02-19 18:17:49 Re: AW: [HACKERS] Solution to the pg_user passwd problem !?? (c)
Previous Message D. Dante Lorenso 1998-02-19 18:15:18 Re: [HACKERS] Solution to the pg_user passwd problem !?? (c)