Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords - Mailing list pgsql-hackers

From: Stephen Frost
Subject: Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
Msg-id: 20050421181843.GC29028@ns.snowman.net
In response to: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Stephen Frost <sfrost@snowman.net>)
Responses: Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
List: pgsql-hackers

* Josh Berkus (josh@agliodbs.com) wrote:
> David, Stephen,

[Changed back to pgsql-hackers]

> Well, from our perspective, a random salt only protects against a very narrow
> range of attack types -- ones in which the attacker already has access to the
> physical database and wants to reverse-engineer user's passwords.  We'd be
> much more interested in the implementation of more/better authentication
> mechanisms.   See follow-up discussion on pgsql-hackers.

I'm concerned about both using a random salt in pg_shadow and about
better documentation about what happens when you use 'md5' in
pg_hba.conf.

> Of course, if either of you *wrote* a random-salt patch for PostgreSQL, psql
> and libpq, then that would be a different story.   I don't know that anyone
> has anything *against* a random salt.   It's just not nearly as useful as,
> for example, implementing SHA1.

It was generally my understanding that it was better to get it
'sanctioned' and on the TODO list before just writing something up and
expecting it to be included.  I've already offered elsewhere to work on
writing a random-salt patch for PostgreSQL targeted at 8.1 and this
encourages me further.  I understand that I'd need to be sure it was
backwards compatible to some extent (do both older client <-> newer
server and newer client <-> older server need to work?  I seem to recall
only older client <-> newer server had to work, but perhaps I'm not
remembering right).

Stephen
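To make the distinction in this thread concrete (a random salt stored in pg_shadow versus the per-connection salt used by the 'md5' method in pg_hba.conf), here is an added illustration that is not part of the original message or of PostgreSQL's code. It models the historical pg_shadow format `'md5' + md5(password || username)` and the AuthenticationMD5Password exchange `'md5' + md5(stored_hex || connection_salt)`, which are how PostgreSQL of that era worked; the `md5r$salt$digest` random-salt format and all user names and passwords are constructed for the example and are not a PostgreSQL format.

```python
import hashlib
import hmac
import secrets
from typing import Optional


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


# --- what pg_shadow stores for the 'md5' method: the user name is the only salt ---

def stored_username_salted(password: str, username: str) -> str:
    """PostgreSQL's historical format: 'md5' + md5(password || username).
    Deterministic: the same (password, user name) pair always yields the same hash,
    on every installation, which is what a precomputed table can exploit."""
    return "md5" + md5_hex((password + username).encode())


# --- hypothetical random-salt format (assumption, not a PostgreSQL format) ---

def stored_random_salted(password: str, salt: Optional[bytes] = None) -> str:
    """'md5r$' + hex(salt) + '$' + md5(password || salt), with a fresh salt per password."""
    if salt is None:
        salt = secrets.token_bytes(8)  # per-entry random salt
    return "md5r$" + salt.hex() + "$" + md5_hex(password.encode() + salt)


def verify_random_salted(password: str, stored: str) -> bool:
    tag, salt_hex, digest = stored.split("$")
    if tag != "md5r":
        raise ValueError("not an md5r entry")
    expected = md5_hex(password.encode() + bytes.fromhex(salt_hex))
    return hmac.compare_digest(expected, digest)


# --- the 'md5' method in pg_hba.conf: challenge-response with a per-connection salt ---

def client_response(password: str, username: str, conn_salt: bytes) -> str:
    """What a libpq client sends: 'md5' + md5(md5(password || username) || conn_salt)."""
    inner = md5_hex((password + username).encode())
    return "md5" + md5_hex(inner.encode() + conn_salt)


def server_verify(stored: str, conn_salt: bytes, response: str) -> bool:
    """The server recomputes the response from the stored hash alone: the random
    connection salt prevents replay of a sniffed response, but it does not change
    what is stored in pg_shadow, so it is not the random salt the thread asks for."""
    inner = stored[len("md5"):]
    expected = "md5" + md5_hex(inner.encode() + conn_salt)
    return hmac.compare_digest(expected, response)


def same_password_shares_hash_username_salted(password: str, username: str) -> bool:
    """True: two installations storing the same password for the same role name
    end up with byte-identical pg_shadow entries."""
    return stored_username_salted(password, username) == stored_username_salted(password, username)


def same_password_shares_hash_random_salted(password: str) -> bool:
    """False (with overwhelming probability): a random salt makes each stored entry unique."""
    return stored_random_salted(password) == stored_random_salted(password)


if __name__ == "__main__":
    # constructed sample credentials, not real ones
    stored = stored_username_salted("correct horse", "alice")
    salt = secrets.token_bytes(4)  # the server's per-connection salt
    print("stored:", stored)
    print("auth ok:", server_verify(stored, salt, client_response("correct horse", "alice", salt)))
    print("random-salt entry:", stored_random_salted("correct horse"))
```

The two salts do different jobs: the connection salt defends the wire exchange, while a stored random salt defends the contents of pg_shadow once someone can read it, which is exactly the narrow case Josh describes.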
