Home > mailing lists

Re: Re: Encrypting pg_shadow passwords - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Re: Encrypting pg_shadow passwords
Date	June 27, 2001 14:47:41
Msg-id	8434.993656074@sss.pgh.pa.us Whole thread Raw
In response to	Re: Re: Encrypting pg_shadow passwords (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Re: Encrypting pg_shadow passwords ("Frank Ch. Eigler" <fche@redhat.com>)
List	pgsql-hackers

Tree view

"Frank Ch. Eigler" <fche@redhat.com> writes:
> Having scanned over the discussion again, my understanding is that Jim's
> proposed changes don't affect backwards compatibility.  As long as user
> passwords continue to be passed in plaintext to the server, the server
> can store encrypted passwords in the authentication table.

The 'passwd' mode wouldn't be affected, but the 'crypt' mode would be;
it would become less secure than it is now, because the server would be
forced to send the same salt always, and so a captured encrypted
password would be just as useful as a captured plaintext one.  That's
the step backwards.
        regards, tom lane

pgsql-hackers by date:

From: Alex Pilosov
Date: 27 June 2001, 14:46:59
Subject: Re: functions returning records

From: Tom Lane
Date: 27 June 2001, 15:08:44
Subject: Re: Re: 7.2 items

Re: Re: Encrypting pg_shadow passwords - Mailing list pgsql-hackers

Previous

Next