Home > mailing lists

Re: Re: Encrypting pg_shadow passwords - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Re: Encrypting pg_shadow passwords
Date	June 27, 2001 14:08:39
Msg-id	8312.993654458@sss.pgh.pa.us Whole thread Raw
In response to	Re: Encrypting pg_shadow passwords (fche@redhat.com (Frank Ch. Eigler))
Responses	Re: Re: Encrypting pg_shadow passwords ("Frank Ch. Eigler" <fche@redhat.com>)
List	pgsql-hackers

Tree view

fche@redhat.com (Frank Ch. Eigler) writes:
> tgl wrote:
> : What this discussion seems to come down to is whether we should take a
> : backward step in one area of security (security against wire-sniffing)
> : to take a forward step in another (not storing plaintext passwords).

> It seems to me that the two issues are orthogonal.

In the abstract yes, but not when you have a constraint that you can't
change the protocol or the client-side code.  Remember we are talking
about a backwards-compatibility mode.
        regards, tom lane

pgsql-hackers by date:

From: Jan Wieck
Date: 27 June 2001, 13:59:49
Subject: Re: functions returning records

From: Peter Eisentraut
Date: 27 June 2001, 14:17:26
Subject: Re: Re: 7.2 items

Re: Re: Encrypting pg_shadow passwords - Mailing list pgsql-hackers

Previous

Next