Security WAS RE: [HACKERS] Updated TODO list - Mailing list pgsql-hackers

From Ansley, Michael
Subject Security WAS RE: [HACKERS] Updated TODO list
Date
Msg-id 1BF7C7482189D211B03F00805F8527F70ED046@S-NATH-EXCH2
Whole thread Raw
Responses RE: Security WAS RE: [HACKERS] Updated TODO list
List pgsql-hackers
I think the point is that you wouldn't, but the most important part is to
get it off the wire.  Let someone do that first, and then worry about what
the administrator can see.  One would hope that your administrator is more
trustworthy than joe hacker out on the network.


>> Why would you want to make it visible to anyone?  
>> 
>> Vince.

As a user, I would be extremely concerned if I knew that my password was
fairly transparent on the network, but less so if I knew that the wire was
safe, although my admin could see it.  First prize would, of course, be
total secrecy.


MikeA


pgsql-hackers by date:

Previous
From: "Ansley, Michael"
Date:
Subject: RE: [HACKERS] MAX Query length
Next
From: "Gene Sokolov"
Date:
Subject: Re: Password thread (was: Re: [HACKERS] Updated TODO list)