Home > mailing lists

Re: Re: Proposal for encrypting pg_shadow passwords - Mailing list pgsql-patches

From	Tom Lane
Subject	Re: Re: Proposal for encrypting pg_shadow passwords
Date	August 16, 2001 12:59:55
Msg-id	9419.997969088@sss.pgh.pa.us Whole thread Raw
In response to	Re: Re: Proposal for encrypting pg_shadow passwords (Bruce Momjian <pgman@candle.pha.pa.us>)
List	pgsql-patches

Tree view

Bruce Momjian <pgman@candle.pha.pa.us> writes:
> OK, patch attached.  Pretty nifty. Try MD5 first, and if it fails, try
> crypt.

What???

Where did *that* idea come from?  If I'm using the new auth method
because I don't think the old one is secure, I sure as heck don't want
an old (or deliberately-broken) client to cause a fallback to a less
secure method.

If MD5 is specified in the config file, and the client doesn't support
it, then you *fail*.  Full stop.

            regards, tom lane

pgsql-patches by date:

From: Bruce Momjian
Date: 16 August 2001, 12:57:30
Subject: Re: Re: Proposal for encrypting pg_shadow passwords

From: Bruce Momjian
Date: 16 August 2001, 13:02:38
Subject: Re: JDBC Array Support, Take III

Re: Re: Proposal for encrypting pg_shadow passwords - Mailing list pgsql-patches

Previous

Next