Home > mailing lists

Re: Open 7.3 items - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: Open 7.3 items
Date	August 1, 2002 00:11:49
Msg-id	200208010105.g7115Dj10213@candle.pha.pa.us Whole thread Raw
In response to	Re: Open 7.3 items (Ron Snyder <snyder@roguewave.com>)
Responses	Re: Open 7.3 items ("Marc G. Fournier" <scrappy@hub.org>)
List	pgsql-hackers

Tree view

Ron Snyder wrote:
> > 
> > Yes, is that your pg_hba.conf line?  'password' is insecure over
> > networks you don't trust.
> 
> Yes, we're using 'password password' in our pg_hba.conf file.  I trust my
> network (so far).

That is another major limitation to secondary password files.  In fact,
md5 will not even work because we assume the username is used as the
salt for the md5 encryption.  We don't store the salt as part of the
encrypted password like crypt does.  

This was another reason secondary password files were discouraged.

Let me look at adding the colon password capability and see what it
looks like.

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026

pgsql-hackers by date:

From: Ron Snyder
Date: 31 July 2002, 22:12:23
Subject: Re: Open 7.3 items

From: Curt Sampson
Date: 01 August 2002, 00:27:52
Subject: Re: Rules and Views

Re: Open 7.3 items - Mailing list pgsql-hackers

Previous

Next