| From: | Jeff Davis <list-pgsql-general(at)dynworks(dot)com> |
|---|---|
| To: | Travis Bauer <trbauer(at)indiana(dot)edu> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: [general] Permissions |
| Date: | 2001-11-13 00:00:40 |
| Message-ID: | 200111130003.QAA19327@smtp.ucsd.edu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Monday 12 November 2001 03:16 pm, you wrote:
> Thank you. This worked. In testing it out, I noticed that postgres only
> considers the first eight charaters of the password. So
>
> abcdefghijklm
> abcdefghmlkji
>
> are considered the same by postgres. Is that correct?
Well... sort of. It isn't so much Postgres as crypt(). crypt() only hashes
the first 8 characters. I wonder if postgres supports md5 encryption instead?
md5 is considered more secure and allows for longer passwords.
Regards,
Jeff
>
> Travis
>
> On Monday 12 November 2001 01:01, Jeff Davis enlightened me by saying:
> > PostgreSQL has, it seems, a somewhat weak permissions system, although it
> > definately gets the job done.
> >
> > What you can do is have a seperate pg_hba.conf entry for every
> > user/database combination you would like to be able to connect. To make
> > this work, make a seperate password file for each user using pg_passwd.
> > Lets say you call two files a_passwd and b_passwd (in accordance with
> > your example), then make the lines:
>
> . . .
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jason Earl | 2001-11-13 00:13:26 | Re: 7.0.2 -> 7.1 performance drop |
| Previous Message | Tom Lane | 2001-11-12 23:55:08 | Re: [general] Permissions |