Re: Proposal: Support custom authentication methods using hooks - Mailing list pgsql-hackers

From Joshua Brindle
Subject Re: Proposal: Support custom authentication methods using hooks
Date
Msg-id CAGB+Vh6G05ke_N=FNwCUaDfc42RTwvY6LXAw0rV7wnJzz4xZ_Q@mail.gmail.com
In response to Re: Proposal: Support custom authentication methods using hooks (Tatsuo Ishii <ishii@sraoss.co.jp>)
Responses Re: Proposal: Support custom authentication methods using hooks
List pgsql-hackers
On Thu, Mar 3, 2022 at 11:50 PM Tatsuo Ishii <ishii@sraoss.co.jp> wrote:
>
> >> So, dropping plaintext password authentication support from libpq will
> >> make it impossible for users to use the former method.
> >
> > Yes, just like dropping support for md5 would make it impossible for
> > users to have their passwords be hashed with md5, which is an altogether
> > good thing considering how easy it is to brute-force md5 these days.
>
> I still don't understand why using plaintext password authentication
> over SSL connection is considered insecure. Actually we have been
> stating the opposite in the manual:
> https://www.postgresql.org/docs/14/auth-password.html
>
> "If the connection is protected by SSL encryption then password can be
> used safely, though."

If you aren't doing client verification (i.e., cert in pg_hba) and are
not doing verify-full on the client side then a man-in-the-middle
attack on TLS is trivial, and the plaintext password will be
sniffable.

The documentation should be updated to say under no circumstances is this safe.
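As an added illustration of the condition described in this reply (not code from the thread or from the PostgreSQL project), the following Python audits two artefacts a DBA controls: libpq connection strings on the client side and `pg_hba.conf` lines on the server side. It reports whether a cleartext `password` exchange would be protected against an interposed TLS endpoint, i.e. whether the client uses `sslmode=verify-full` or the server demands a client certificate via `clientcert=`. The function names and the sample DSNs and `pg_hba.conf` lines are constructed for this example.

```python
"""Audit libpq DSNs and pg_hba.conf lines for the MITM exposure discussed above.

Added example, not PostgreSQL project code. Function names are illustrative;
sample inputs in __main__ are constructed.
"""
import re

# libpq sslmode values from weakest to strongest. Only verify-full checks that
# the server certificate's name matches the host the client asked for;
# verify-ca checks the chain only, so any certificate issued by the trusted CA
# for some other name would still be accepted.
SSLMODES = ("disable", "allow", "prefer", "require", "verify-ca", "verify-full")

# pg_hba.conf METHOD keywords; used to find where the ADDRESS/MASK fields end.
HBA_METHODS = {"trust", "reject", "scram-sha-256", "md5", "password", "gss",
               "sspi", "ident", "peer", "ldap", "radius", "cert", "pam", "bsd"}

DSN_OK = "ok: server identity verified (verify-full)"
DSN_NO_HOSTNAME = "at risk: CA chain verified but hostname not checked"
DSN_NO_VERIFY = "at risk: encrypted but server certificate not verified"
DSN_MAYBE_PLAIN = "at risk: connection may not be encrypted at all"

HBA_OK = "ok: client certificate required, an interposer needs a valid client cert"
HBA_DEPENDS = "depends on client: safe only if the client uses sslmode=verify-full"
HBA_PLAIN = "at risk: cleartext password may travel without TLS"
HBA_NA = "n/a: not the cleartext password method"


def parse_dsn(dsn: str) -> dict:
    """Parse a libpq key=value connection string (values may be single-quoted).
    sslmode defaults to libpq's own default, 'prefer'."""
    params = {"sslmode": "prefer"}
    for key, quoted, bare in re.findall(r"(\w+)\s*=\s*(?:'([^']*)'|(\S+))", dsn):
        params[key] = quoted if quoted else bare
    return params


def dsn_mitm_risk(dsn: str) -> str:
    """Classify a client DSN by what its sslmode actually verifies."""
    mode = parse_dsn(dsn)["sslmode"]
    if mode not in SSLMODES:
        raise ValueError(f"unknown sslmode {mode!r}")
    if mode == "verify-full":
        return DSN_OK
    if mode == "verify-ca":
        return DSN_NO_HOSTNAME
    if mode == "require":
        return DSN_NO_VERIFY
    return DSN_MAYBE_PLAIN  # disable, allow, prefer


def hba_line_risk(line: str) -> str:
    """Classify one pg_hba.conf line: TYPE DATABASE USER ADDRESS [MASK] METHOD [OPTS]."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return "skip"
    conn_type = fields[0]
    if conn_type == "local":
        return "n/a: Unix-domain socket, no network path"
    # ADDRESS may be CIDR or address plus a separate netmask, so locate METHOD
    # as the first recognised keyword after the USER field.
    method_idx = next((i for i in range(3, len(fields)) if fields[i] in HBA_METHODS), None)
    if method_idx is None:
        raise ValueError(f"no recognised auth method in: {line!r}")
    method = fields[method_idx]
    options = dict(opt.split("=", 1) for opt in fields[method_idx + 1:] if "=" in opt)
    if method != "password":
        return HBA_NA
    if conn_type in ("host", "hostnossl"):
        return HBA_PLAIN  # 'host' also admits non-TLS connections
    if conn_type == "hostssl":
        # clientcert=verify-ca or verify-full makes the server verify the client.
        if options.get("clientcert") in ("verify-ca", "verify-full", "1"):
            return HBA_OK
        return HBA_DEPENDS
    return HBA_NA  # hostgssenc / hostnogssenc are outside this TLS discussion


if __name__ == "__main__":
    # Constructed samples, not taken from any real deployment.
    for dsn in ("host=db.example.com user=app",
                "host=db.example.com user=app sslmode=require",
                "host=db.example.com user=app sslmode=verify-full sslrootcert=root.crt"):
        print(f"{dsn!r}: {dsn_mitm_risk(dsn)}")
    for hba in ("host    all all 0.0.0.0/0 password",
                "hostssl all all 0.0.0.0/0 password",
                "hostssl all all 0.0.0.0/0 password clientcert=verify-full"):
        print(f"{hba!r}: {hba_line_risk(hba)}")
```

The two audits are complementary: a `hostssl ... password` line without `clientcert=` is only as safe as the weakest client DSN that connects to it, which is the situation the reply above describes.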
