Re: Postgresql -- initial impressions and comments - Mailing list pgsql-general

From Bruce Momjian
Subject Re: Postgresql -- initial impressions and comments
Msg-id 200212032250.gB3Moel24734@candle.pha.pa.us
In response to Re: Postgresql -- initial impressions and comments  (Scott Lamb <slamb@slamb.org>)
Responses Re: Postgresql -- initial impressions and comments
List pgsql-general
Scott Lamb wrote:
> > 2)
> > It's not clear what md5 password auth does.
> >
> > (a) Is the password stored as md5 in the database
> > itself, or only md5's on the wire (from client to
> > server) and then thereafter stored as plain text in
> > the db itself ?
>
> Ahh, good question. One of the other responses says it means both.
>
> That's disconcerting to me because I think it defeats the point of
> sending MD5 signatures on the wire - avoiding replay attacks. If it's
> stored in MD5 format on the server, it can't request it with a different
> salt every time (how would it compare them?), so you can just replay the
> MD5 transmission.
>
> The other way, though, a compromise of the database would mean a
> compromise of all the passwords.
>
> So it definitely would be helpful to have an answer to your question in
> with the description of the authentication types, so you could choose
> intelligently based on what you consider to be more likely risks.

7.3 stores encrypted MD5 passwords in database (in 7.2 it is optional).
We send random salt to client and client double-MD5 encrypts, so
playback will not work --- best of both worlds.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

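The exchange Bruce describes, modelled as an added example (this is not code from the thread or from PostgreSQL itself). The post only says "double-MD5" with a random salt; the concrete construction used here, a stored value of md5(password || username) carrying an "md5" prefix and a 4-byte salt, is an assumption labelled as such in the code. Besides the happy path it shows why a captured response cannot be replayed against a fresh salt, and one caveat the post does not mention: because the server stores exactly the inner hash the client needs, anyone who reads that stored hash can authenticate without ever learning the password, so "best of both worlds" does not cover a leaked pg_shadow.

```python
import hashlib
import hmac
import secrets

# Constructed model of the salted "double-MD5" password exchange.
# ASSUMPTIONS (not stated on the page): the server stores
# "md5" + hex(md5(password || username)); the challenge salt is 4 random bytes.


def store_password(username: str, password: str) -> str:
    """Server side at password-set time: only this digest is kept, never the password."""
    inner = hashlib.md5((password + username).encode()).hexdigest()
    return "md5" + inner


def new_salt() -> bytes:
    """Server side: fresh random salt for every authentication attempt."""
    return secrets.token_bytes(4)


def client_response(username: str, password: str, salt: bytes) -> str:
    """Client side: recompute the stored digest, then hash it again with the salt."""
    inner = hashlib.md5((password + username).encode()).hexdigest()
    outer = hashlib.md5(inner.encode() + salt).hexdigest()
    return "md5" + outer


def server_verify(stored: str, salt: bytes, response: str) -> bool:
    """Server side: the server can check without the cleartext because it
    holds the inner digest, and the salt it chose binds the response to this attempt."""
    expected = "md5" + hashlib.md5(stored[len("md5"):].encode() + salt).hexdigest()
    return hmac.compare_digest(expected, response)


def response_from_stored_hash(stored: str, salt: bytes) -> str:
    """Attacker side: with only the stored digest (no password) the outer hash
    is still computable, so a leaked stored hash is as good as the password here."""
    return "md5" + hashlib.md5(stored[len("md5"):].encode() + salt).hexdigest()


def demo() -> dict:
    """Run the exchange with fixed salts and return the three outcomes of interest."""
    stored = store_password("alice", "s3cret")
    salt_1 = b"\x01\x02\x03\x04"   # constructed, normally new_salt()
    salt_2 = b"\xaa\xbb\xcc\xdd"   # a later attempt with a different salt

    captured = client_response("alice", "s3cret", salt_1)
    return {
        "legit_login": server_verify(stored, salt_1, captured),
        # Replaying the captured response against a fresh salt fails.
        "replay_against_new_salt": server_verify(stored, salt_2, captured),
        # Holding the stored digest alone is enough to answer a fresh challenge.
        "pass_the_hash": server_verify(stored, salt_2, response_from_stored_hash(stored, salt_2)),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The replay check only defends the wire; the `pass_the_hash` path is the reason a compromised `pg_shadow` still has to be treated as a full credential leak, which matches Scott's second concern above.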