From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Jim Mercer <jim(at)reptiles(dot)org> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Encrypting pg_shadow passwords |
Date: | 2001-06-26 04:17:03 |
Message-ID: | 200106260417.f5Q4H4u28496@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> > The wire is clearly less secure than pg_shadow.
>
> ah, you've not had a client rooted lately.
I think most people would disagree.
> the wire is far more secure than many default OS installations.
Maybe time for a new OS. We run on some pretty secure OS's.
> i will not argue that the double-encryption stuff, and MD5 type stuff is
> better.
>
> however, forcing the dbadmin to store plain-text passwords in pg_shadow
> is at best unwise.
>
> giving them the option of my mods is a reasonable step towards allowing
> them to avoid that one-stop-shopping facility for crackers, without breaking
> any existing implementations for those who chose to walk what i consider
> an unsafe path.
The big problem is that when we make a change we have to also talk to
old clients to you would have a pretty complex setup to have 'password'
encryption passing the same crypt over the wire all the time. If not,
why not use 'crypt' authentication.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2001-06-26 04:20:40 | Re: Encrypting pg_shadow passwords |
Previous Message | Jim Mercer | 2001-06-26 04:12:46 | Re: Encrypting pg_shadow passwords |