| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jim Mercer <jim(at)reptiles(dot)org>, Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Re: Encrypting pg_shadow passwords |
| Date: | 2001-06-26 23:17:21 |
| Message-ID: | 200106262317.f5QNHLh03898@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> Bruce Momjian writes:
>
> > The only reason to add double-crypt is so we can continue to use
> > /etc/passwd entries on systems that use crypt() in /etc/passwd.
>
> On the sites that are most likely to utilize that (because they have a lot
> of users) it won't work (because they use NIS). There are better ways to
> do that (e.g., PAM).
>
> Also, see http://httpd.apache.org/docs/misc/FAQ.html#passwdauth
Thanks. That was a nice description. Seems no one is worried about
losing /etc/passwd capability so I will not worry about doing
double-crypt and concentrate on md5. I just didn't want to remove
functionality before warning people.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Reinoud van Leeuwen | 2001-06-26 23:25:23 | Re: functions returning records |
| Previous Message | Alex Pilosov | 2001-06-26 22:02:46 | Re: New data type: uniqueidentifier |