| From: | "Jim C. Nasby" <decibel(at)decibel(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Paul Tillotson <pntil(at)shentel(dot)net>, Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords |
| Date: | 2005-04-21 04:40:25 |
| Message-ID: | 20050421044025.GB58835@decibel.org |
| Lists: | pgsql-hackers |

On Thu, Apr 21, 2005 at 12:13:50AM -0400, Tom Lane wrote:
> It's worth pointing out also that adding a per-user-entry random salt
> to the password protocol is not some kind of penalty-free magic bullet.
> In particular it implies information leakage: I can tell from the
> password challenge (or lack of one) whether the username I have offered
> is valid. So rather than claiming "this is unconditionally a good thing
> to do", you must actually provide a credible scenario that makes the
> threat you are defending against more dangerous than the sorts of new
> threats we'll be exposed to. So far I haven't seen a very credible
> threat here.
I would think it wouldn't be hard to change the protocol/code so that
the response from providing an invalid user is the same as providing a
valid one.
--
Jim C. Nasby, Database Consultant decibel(at)decibel(dot)org
Give your computer some brain candy! www.distributed.net Team #1828
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"
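The leak Tom Lane describes and the fix Jim Nasby proposes, shown side by side as an added example (not code from the thread, and not PostgreSQL's md5 protocol). It assumes a simple salted-verifier store built from constructed sample accounts, a server-side secret `ENUMERATION_KEY`, and a dummy verifier `DUMMY`; all of those are illustrative names. `leaky_challenge` returns a salt only for accounts that exist, so the challenge itself answers "is this username valid?". `uniform_challenge` always returns a salt of the same shape, deriving a stable fake one for unknown users from the username under the server secret, so repeated probes see the same response an existing account would give.

```python
import hashlib
import hmac
import os
import secrets

SALT_LEN = 16
ITERATIONS = 50_000  # kept modest so the example runs quickly

# Assumption: a secret that never leaves the server. Fake salts are keyed
# with it so an outsider cannot tell a derived salt from a stored one.
ENUMERATION_KEY = secrets.token_bytes(32)


def _verifier(password: str, salt: bytes) -> bytes:
    """Salted password verifier (illustrative; not PostgreSQL's scheme)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


# Dummy verifier used for unknown users so verify() does identical work.
DUMMY = _verifier("", os.urandom(SALT_LEN))


def make_user_db(users: dict) -> dict:
    """Build {username: (salt, verifier)} from constructed {username: password} data."""
    db = {}
    for name, password in users.items():
        salt = os.urandom(SALT_LEN)
        db[name] = (salt, _verifier(password, salt))
    return db


def leaky_challenge(db: dict, username: str):
    """The information leak: a salt comes back only when the account exists."""
    rec = db.get(username)
    return rec[0] if rec else None


def uniform_challenge(db: dict, username: str) -> bytes:
    """Same-shaped response for valid and invalid users.

    Unknown users get a salt derived from the username under the server
    secret. It is deterministic on purpose: a fresh random salt per request
    would itself reveal that no stored salt exists.
    """
    rec = db.get(username)
    if rec:
        return rec[0]
    return hmac.new(ENUMERATION_KEY, username.encode(), "sha256").digest()[:SALT_LEN]


def verify(db: dict, username: str, password: str) -> bool:
    """Check a password; unknown users cost the same hashing work as known ones."""
    rec = db.get(username)
    if rec:
        salt, stored = rec
    else:
        salt, stored = uniform_challenge(db, username), DUMMY
    matched = hmac.compare_digest(_verifier(password, salt), stored)
    return matched and rec is not None


if __name__ == "__main__":
    db = make_user_db({"alice": "correct horse"})  # constructed sample account
    print("leaky, unknown user:", leaky_challenge(db, "mallory"))
    print("uniform, unknown user:", uniform_challenge(db, "mallory").hex())
    print("login ok:", verify(db, "alice", "correct horse"))
```

Two details matter beyond the salt itself: the fake salt must be stable across requests for the same username, and the server must perform the same hashing work for unknown users, otherwise timing or variability still distinguishes the two cases even though the challenge bytes look alike.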