Home > mailing lists

Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
Date	April 20, 2005 22:17:44
Msg-id	6250.1114035460@sss.pgh.pa.us Whole thread Raw
In response to	Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses	Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Andrew Dunstan <andrew@dunslane.net>) Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords ("David F. Skoll" <dfs@roaringpenguin.com>)
List	pgsql-hackers

Tree view

Bruce Momjian <pgman@candle.pha.pa.us> writes:
> That's what I told him.  I think his concern about pre-computed hashes
> is the only real issue, and give 'postgres' is usually the super-user, I
> can see someone pre-computing md5 postgres hashes and doing quick
> comparisons, perhaps as a root kit so you don't have to do the hashing
> yourself.   I personally don't find that very compelling either.

Lessee ... we'll include a complete password hash table in a root kit,
which will be used at a point where we've already managed to read
pg_shadow but are somehow still lacking the ability to do anything else
we could want to the database ... nope, not very compelling.
        regards, tom lane

pgsql-hackers by date:

From: Tom Lane
Date: 20 April 2005, 22:13:54
Subject: Re: Problem with PITR recovery

From: Bruce Momjian
Date: 20 April 2005, 22:20:05
Subject: Re: Problem with PITR recovery

Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords - Mailing list pgsql-hackers

Previous

Next