* Josh Berkus (josh@agliodbs.com) wrote:
> David, Stephen,
[Changed back to pgsql-hackers]
> Well, from our perspective, a random salt only protects against a very narrow
> range of attack types -- ones in which the attacker already has access to the
> physical database and wants to reverse-engineer user's passwords. We'd be
> much more interested in the implementation of more/better authentication
> mechanisms. See follow-up dicussion on pgsql-hackers.
I'm concerned about both using a random salt in pg_shadow and about
better documentation about what happens when you use 'md5' in
pg_hba.conf.
> Of course, if either of you *wrote* a random-salt patch for PostgreSQL, psql
> and libpq, then that would be a different story. I don't know that anyone
> has anything *against* a random salt. It's just not nearly as useful as,
> for example, implementing SHA1.
It was generally my understanding that it was better to get it
'sanctioned' and on the TODO list before just writing something up and
expecting it to be included. I've already offered elsewhere to work on
writing a random-salt patch for PostgreSQL targeted at 8.1 and this
encourages me further. I understand that I'd need to be sure it was
backwards compatible to some extent (do both older client <-> newer
server and newer client <-> older server need to work? I seem to recall
only older client <-> newer server had to work, but perhaps I'm not
remembering right).
Stephen
