Re: pg_shadow / pg_user

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Rudi <rudi(at)oasis(dot)net(dot)au>
Cc: pgsql-sql(at)postgresql(dot)org
Subject: Re: pg_shadow / pg_user
Date: 2002-02-07 02:31:30
Message-ID: 200202070231.g172VUF27995@candle.pha.pa.us
Lists: pgsql-sql


You are correct. Pre-7.2 required this because of the way passwords
from the client were compared. 7.2 has a postgresql.conf setting
"password_encryption" which controls whether passwords are stored on the
server encrypted or plaintext. The only reason this is false in 7.2 by
default is that once it is true, you can't communicate with pre-7.2
clients. There is also an ENCRYPTED option to the PASSWORD clause of
CREATE USER that forces the password to be stored encrypted. Again,
works fine with 7.2 clients but not with 7.1 and earlier.

---------------------------------------------------------------------------

Rudi wrote:
> Hi friends,
>
> I've been learning about security using Pg lately.
> Up until last night I thought system user passwords were stored safely away in pg_user.
> So far I haven't been able to get any passwords out only '*******'.
> Then last night I was observing each system table and found that pg_shadow stores user passwords in clear text.
> ??
> pg_shadow = clear text password
> pg_user = hidden password
>
> I guess this means if an intruder gets an appropriate account on the box they can view all passwords.
> I had assumed that system passwords were stored hidden from all eye balls.
> Sort of like apache storing http passwords in binary form in a db.
>
> Is this how it is ?
>
> If so I was thinking I like to know if someone tries or succeeds in querying the pg_shadow table.
> I thought maybe to increase the postmaster debug level so that all sql queries are logged.
> Then write a cron job to check this log and email me if it is detected that a user is attempted or did query
> the pg_shadow table.
>
> How does this sound ?
> Am I totally on track ?
>
> Thanks for your time and attention
> Kind regards
> Rudi.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
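
The two points in the reply above (turn on password_encryption in postgresql.conf, and use the ENCRYPTED clause when creating a user) and Rudi's idea of scanning the query log for pg_shadow access, worked through as an added shell example. This is not code from the thread or from the PostgreSQL project. It assumes a 7.2-style installation whose postmaster was started with query printing enabled so that each statement appears on a log line of the form "DEBUG:  query: <sql>"; that format, the file paths and the sample file contents are constructed here for illustration and should be checked against a real log before relying on them.

```shell
#!/bin/sh
# Added example, not from the thread. Paths, postgresql.conf contents and
# log lines below are constructed; the log line format is an assumption.
set -eu

# 1. Turn on server-side password hashing in postgresql.conf.
#    Removes every existing setting, active or commented out ("#password_encryption = false"),
#    so the file ends up with exactly one active line. Remember: once this is
#    true, pre-7.2 clients can no longer authenticate (see the reply above).
set_password_encryption() {
    conf=$1
    grep -v '^[#[:space:]]*password_encryption[[:space:]]*=' "$conf" > "$conf.tmp" || true
    printf 'password_encryption = true\n' >> "$conf.tmp"
    mv "$conf.tmp" "$conf"
}

# 2. Build a CREATE USER statement that forces hashed storage regardless of
#    the server setting. The user name must be a plain identifier and the
#    password is escaped for a 7.2 string literal (backslashes and single
#    quotes doubled), so a value like s3cr'et cannot break out of the quotes.
create_user_sql() {
    name=$1
    pass=$2
    case $name in
        ''|[0-9]*|*[!A-Za-z0-9_]*)
            printf 'create_user_sql: invalid user name %s\n' "$name" >&2
            return 1 ;;
    esac
    esc=$(printf '%s' "$pass" | sed 's/\\/\\\\/g' | sed "s/'/''/g")
    printf "CREATE USER %s WITH ENCRYPTED PASSWORD '%s';\n" "$name" "$esc"
}

# 3. Rudi's monitor: pull every logged statement that mentions pg_shadow.
#    Case-insensitive so PG_SHADOW and pg_catalog.pg_shadow are both caught.
#    Statements against the pg_user view do not match, because the log
#    records the statement as typed, not the view definition behind it.
#    Exit status is 0 even when nothing matches, so it is safe under set -e.
pg_shadow_queries() {
    grep -i 'query:.*pg_shadow' "$1" || true
}

# Stand-alone demo on constructed files; removed afterwards.
demo=$(mktemp -d)
printf '%s\n' '# password_encryption = false' 'port = 5432' > "$demo/postgresql.conf"
set_password_encryption "$demo/postgresql.conf"
cat "$demo/postgresql.conf"
create_user_sql rudi "s3cr'et"
printf '%s\n' \
    'DEBUG:  query: SELECT usename FROM pg_user;' \
    'DEBUG:  query: select usename, passwd from PG_SHADOW;' \
    'DEBUG:  query: SELECT passwd FROM pg_catalog.pg_shadow WHERE usename = '"'"'rudi'"'"';' \
    'DEBUG:  connection: host=127.0.0.1 user=rudi database=test' > "$demo/postmaster.log"
pg_shadow_queries "$demo/postmaster.log"
rm -rf "$demo"
```

The generated CREATE USER statement is meant to be fed to psql as the superuser; pg_shadow_queries can be run from cron over the current log and its output mailed, which is the alerting loop Rudi describes. Note that this only sees statements the postmaster logged; a user with file-system access to the data directory reads pg_shadow without issuing any query at all, which is why the hashing step comes first.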
