Skip site navigation (1) Skip section navigation (2)

Re: Re: Encrypting pg_shadow passwords

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Frank Ch(dot) Eigler" <fche(at)redhat(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Re: Encrypting pg_shadow passwords
Date: 2001-06-27 16:33:19
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
"Frank Ch. Eigler" <fche(at)redhat(dot)com> writes:
> Oh, I see finally.  You already put a custom little
> challenge/response authentication scheme into postgresql,
> and want to keep that working.  (May I ask when/why that
> went in at all?

Long before any of the current generation of developers, AFAIK.

> Was lower-layer encryption not an option?)

What lower layer?  This code predates SSL by a good bit.

In any case, as several people have pointed out, one may well want to
guard one's password more carefully than one guards the entire session
contents.  Running SSL on a session that may transfer many megabytes
is a lot of overhead.

			regards, tom lane

In response to


pgsql-hackers by date

Next:From: Jan WieckDate: 2001-06-27 16:40:46
Subject: Re: functions returning records
Previous:From: Peter EisentrautDate: 2001-06-27 16:29:51
Subject: Re: Re: 7.2 items

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group