| From: | "Jim C(dot) Nasby" <decibel(at)decibel(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, pgsql-hackers(at)postgresql(dot)org, bugtraq(at)securityfocus(dot)com |
| Subject: | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords |
| Date: | 2005-04-20 22:08:30 |
| Message-ID: | 20050420220830.GV58835@decibel.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Apr 20, 2005 at 06:03:18PM -0400, Tom Lane wrote:
> Well, I have no particular problem with offering SHA1 as an alternative
> hash method for those who find MD5 too weak ... but I still question the
> value of putting any random salt in the table. AFAICS you would have to
> send that salt as part of the initial password challenge, which means
> any potential attacker could find it out even before trying to
> compromise pg_shadow; so Stephen's argument that there is a useful
> improvement in protection against precomputation of password hashes
> still falls down.
>
> BTW, one could also ask exactly what threat model Stephen is concerned
> about. ISTM anyone who can obtain the contents of pg_shadow has
> *already* broken your database security.
FWIW, I do think there's some benefit to not being able to pre-compute
an entire hash table for accounts such as 'postgres' and 'www'. But I
agree it would be useful to know the actual threat model.
--
Jim C. Nasby, Database Consultant decibel(at)decibel(dot)org
Give your computer some brain candy! www.distributed.net Team #1828
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2005-04-20 22:10:42 | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords |
| Previous Message | Jim C. Nasby | 2005-04-20 22:05:56 | Proposal for background vacuum full/cluster |