On Wed, Nov 13, 2013 at 03:23:29AM -0500, Jeffrey Walton wrote:
> The following is used to key a channel (it appears to be used in the
> AUTH_REQ_MD5 in fe-auth.c).
>
> Four bytes is a tad bit small, and time based does not leave much to
> the imagination. Also, it looks like its susceptible to VM roillbacks.
Yes, it is too small. The odds of salt replay are in the 10k-connection
range. However, to fix it, we would need a new wire protocol version.
:-(
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +