| From: | Sam Barnett-Cormack <s(dot)barnett-cormack(at)lancaster(dot)ac(dot)uk> |
|---|---|
| To: | Raphael Bauduin <raphael(at)be(dot)easynet(dot)net> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: wrong password accepted |
| Date: | 2003-08-29 13:22:07 |
| Message-ID: | Pine.LNX.4.50.0308291421200.25177-100000@short.lancs.ac.uk |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Fri, 29 Aug 2003, Raphael Bauduin wrote:
> Hi,
>
> this is a strange situation I just discovered on a postgresql
> 7.2.1-2woody2 (Debian as you can see...). I use pg_hba to specify
> password ahtentications for clients. HEre's the line:
> host all 127.0.0.1 255.255.255.0 password pass-file
>
> I just discovered that when I use the correct password to whach I append
> text, it is accepted (though this is not correct...)
> For example, if my password is postgres, the following will also be
> accepted: postgresql, postgresblabla, postgres2 ...... but it will
> reject postgrex eg.
If the password mechanism uses standard crypt() passwords, then only the
first eight letters count. It just happens that postgres is eight
letters long.
This has been a public service educated guess.
--
Sam Barnett-Cormack
Software Developer | Student of Physics & Maths
UK Mirror Service (http://www.mirror.ac.uk) | Lancaster University
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2003-08-29 13:45:52 | Re: Can not deleted all record |
| Previous Message | Raphael Bauduin | 2003-08-29 13:12:40 | wrong password accepted |