Re: Re: Encrypting pg_shadow passwords - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Re: Encrypting pg_shadow passwords
Date
Msg-id 3252.993569271@sss.pgh.pa.us
Whole thread Raw
In response to Encrypting pg_shadow passwords  (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses Re: Re: Encrypting pg_shadow passwords
List pgsql-hackers
Bruce Momjian <pgman@candle.pha.pa.us> writes:
> The only reason to add double-crypt is so we can continue to use
> /etc/passwd entries on systems that use crypt() in /etc/passwd.

In the long run, though, we want to drop crypt(3) usage entirely.
It's just too much of a pain in the neck to depend on the C library's
crypt(), for two reasons:

1. It's not in libc on all systems, leading to constant problems when
linking clients, particularly with shared libraries that have to have
a dependency on another shared library because of this.  (Search the
archives for problems about "can't find crypt".  There are many such
reports.)

2. crypt() isn't guaranteed compatible across platforms, meaning that
your clients may be unable to log in anyway.  See for example
http://fts.postgresql.org/db/mw/msg.html?mid=57516

Using our own MD5 (or whatever) code will avoid these problems.
        regards, tom lane


pgsql-hackers by date:

Previous
From: Tom Lane
Date:
Subject: Re: Re: Encrypting pg_shadow passwords
Next
From: Bruce Momjian
Date:
Subject: Re: Re: Encrypting pg_shadow passwords