| From: | "Frank Ch(dot) Eigler" <fche(at)redhat(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Re: Encrypting pg_shadow passwords |
| Date: | 2001-06-27 16:27:08 |
| Message-ID: | 20010627122708.D7873@redhat.com |
| Lists: | pgsql-hackers |
Hi -
tgl wrote:
: The 'passwd' mode wouldn't be affected, but the 'crypt' mode would be;
: it would become less secure than it is now, because the server would be
: forced to send the same salt always, and so a captured encrypted
: password would be just as useful as a captured plaintext one. That's
: the step backwards.
Oh, I see finally. You already put a custom little
challenge/response authentication scheme into postgresql,
and want to keep that working. (May I ask when/why that
went in at all? Was lower-layer encryption not an option?)
At least, it looks like the choice of authentication protocol is a
server-side decision. Backward-compatibility for old clients can
be forced by the administrator, whether the server switches to
encrypted password storage, and/or to lower-level encryption.
- FChE
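The trade-off Tom describes, as an added illustration that is not part of the thread or of PostgreSQL's code: a server that stores the plaintext password can issue a fresh salt per login, while a server that stores only `crypt(password, salt)` must reuse that one salt, so a recorded response replays. SHA-256 over salt and password stands in for Unix `crypt()`; the class and function names are invented for the example.

```python
import hashlib
import secrets


def crypt_like(password: str, salt: str) -> str:
    """Stand-in for crypt(): a salted one-way hash (assumption, not PostgreSQL's code)."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


class PlaintextStoreServer:
    """Stores the plaintext password, so it can pick a new salt for every login."""

    def __init__(self, password: str) -> None:
        self._password = password

    def challenge(self) -> str:
        return secrets.token_hex(4)  # fresh random salt per session

    def verify(self, salt: str, response: str) -> bool:
        return response == crypt_like(self._password, salt)


class HashedStoreServer:
    """Stores only crypt(password, salt); the challenge is forced to be that same salt."""

    def __init__(self, password: str) -> None:
        self._salt = secrets.token_hex(4)  # chosen once, at password-set time
        self._stored = crypt_like(password, self._salt)

    def challenge(self) -> str:
        return self._salt  # cannot vary: the only hash on file uses this salt

    def verify(self, salt: str, response: str) -> bool:
        return salt == self._salt and response == self._stored


def client_login(server, password: str):
    """One 'crypt' mode exchange: server sends salt, client answers with the hash."""
    salt = server.challenge()
    response = crypt_like(password, salt)
    return salt, response, server.verify(salt, response)


def replay_succeeds(server, password: str) -> bool:
    """Does a response captured from one legitimate login pass a later challenge?"""
    _salt, response, ok = client_login(server, password)
    assert ok, "legitimate login must succeed first"
    later_salt = server.challenge()
    return server.verify(later_salt, response)  # True only if the salt never changes
```

With `PlaintextStoreServer` the replay fails because the second challenge carries a different salt; with `HashedStoreServer` it succeeds, which is the step backwards the thread warns about.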