> > > If CL sends the MD5 of the username rather than the plaintext username,
> > > only CL and PG will know what the username is. PG will know it by
> > > comparing it with the MD5 of every username in pg_shadow. So even if the
> > > wire is being sniffed the unhashed username can be used in the password's
> > > encryption along with the salt sent by PG. This method will take longer
> > > for a user to log in, but the login process is only per session, not per
> > > SQL call.
> >
> > A linear search of pg_shadow to log in is not acceptable; we don't want
> > to make login any slower than we have to. I see no real gain in security
> > from doing this anyway...
>
> By knowing what PG will do with the username and random salt, sniffing
> the wire can make guessing the password trivial. If the username was
> never sent over the wire in the clear the unhashed username is an unknown
> salt to he who is sniffing. But it's true that it would introduce a
> slower than necessary login.
>
Does it? I thought it was the password being run through MD5 that made
it secure.
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill,
Pennsylvania19026