Thread: [GENERAL] database access authentication: crypted passwords

Hi!
  For the first question, I remember hackers had decided not to implement
it - it is more important to send crypted passwords over the wires, right?

Oleg.
----    Oleg Broytmann     http://members.xoom.com/phd2/     phd2@earthling.net          Programmers don't die, they
justGOSUB without RETURN.
 

---------- Forwarded message ----------
Date: Sun, 1 Aug 1999 15:40:03 +0400 (MSD)
From: Dmitry Morozovsky <marck@rinet.ru>
To: pgsql-general@postgreSQL.org
Subject: [GENERAL] database access authentication: crypted passwords

Hello there.

Is there any workable solutions to use crypt()ed passwords in pg_shadow?

And, is there a plan to differentiate postgres super-user from other
superusers, so that they, e.g.,  cannot change other superusers records in
pg_shadow (only their own and non-superuser records)?

Thanx in advance.


Sincerely,
D.Marck                                   [DM5020, DM268-RIPE, DM3-RIPN]
------------------------------------------------------------------------
*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru ***
------------------------------------------------------------------------

From: Oleg Broytmann <phd@emerald.netskate.ru>
>    For the first question, I remember hackers had decided not to implement
> it - it is more important to send crypted passwords over the wires, right?

No. You can do both. That decision was based on incomplete knowledge.

Gene Sokolov.

On Mon, 2 Aug 1999, Gene Sokolov wrote:
> >    For the first question, I remember hackers had decided not to implement
> > it - it is more important to send crypted passwords over the wires, right?
> 
> No. You can do both. That decision was based on incomplete knowledge.
  Aha, I haven't followd that thread carefully. Well, how I can do one
thing or another?

> Gene Sokolov.

Oleg.
----    Oleg Broytmann     http://members.xoom.com/phd2/     phd2@earthling.net          Programmers don't die, they
justGOSUB without RETURN.