| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Jim Mercer <jim(at)reptiles(dot)org> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Encrypting pg_shadow passwords |
| Date: | 2001-06-26 04:17:03 |
| Message-ID: | 200106260417.f5Q4H4u28496@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> > The wire is clearly less secure than pg_shadow.
>
> ah, you've not had a client rooted lately.
I think most people would disagree.
> the wire is far more secure than many default OS installations.
Maybe time for a new OS. We run on some pretty secure OS's.
> i will not argue that the double-encryption stuff, and MD5 type stuff is
> better.
>
> however, forcing the dbadmin to store plain-text passwords in pg_shadow
> is at best unwise.
>
> giving them the option of my mods is a reasonable step towards allowing
> them to avoid that one-stop-shopping facility for crackers, without breaking
> any existing implementations for those who chose to walk what i consider
> an unsafe path.
The big problem is that when we make a change we have to also talk to
old clients to you would have a pretty complex setup to have 'password'
encryption passing the same crypt over the wire all the time. If not,
why not use 'crypt' authentication.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2001-06-26 04:20:40 | Re: Encrypting pg_shadow passwords |
| Previous Message | Jim Mercer | 2001-06-26 04:12:46 | Re: Encrypting pg_shadow passwords |