On Fri, Jun 14, 2002 at 10:54:35AM -0400, murphy pope wrote:
> So, to me, it doesn't seem that 'md5' is much more secure than 'crypt'. The
> user/password hash stored in pg_pwd is essentially a plaintext password.
> What am I missing here?
I think the main reason is that if someone can log into the machine, access
the password file directly (probably via root), then you have more serious
problems than someone impersonating someone else on a connection. They could
simply suck your entire database out and read it elsewhere.
As for making it more secure, I would say to use a one-way hash on disk
(similar to /etc/passwd) and then connection via SSL to stop the password
being sniffed. But isn't this what happens already?
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> There are 10 kinds of people in the world, those that can do binary
> arithmetic and those that can't.