Re: You're on SecurityFocus.com for the cleartext passwords.
| From | Robert B. Easter |
|---|---|
| Subject | Re: You're on SecurityFocus.com for the cleartext passwords. |
| Date | |
| Msg-id | 00050710572202.04750@comptechnews |
| In reply to | Re: You're on SecurityFocus.com for the cleartext passwords. (Bruce Momjian <pgman@candle.pha.pa.us>) |
| List | pgsql-hackers |
On Sun, 07 May 2000, you wrote:
> So, if someone can see those hashes, why don't they just create
> themselves a new user, grant it full privileges to the database and
> play?

I know, they can do anything. But creating a new user is something very obvious that the admin will see. The breach of security would be detectable. If they can get in with the hashes, they can be very sneaky and it would take a long time to detect. The cracker shouldn't be able to compromise a current user's account without having to even change the password on it. It's better to force the cracker to create an account than to let him do bad things as you whenever he wants.

Would you like the feeling of never knowing that maybe someone has your hash and is able to get in without you knowing? Your password becomes useless. Really, sensitive information in the database could be insecure over a long period of time and it would never be detectable. You'd just have to change your password frequently to ensure that you are the only one that can get in. It's better to make a security system where the alarm will go off.

If your competitor is able to get into the database as you, because he got your hash after hiring some cracker to get it, he can learn all your trade secrets and always find a way to have the advantage. You and your company might have a hard time figuring out what's going on because, so to speak, the security on the database has no alarm.

I agree that the MD5 double hash solution fixes the immediate problem. It's just not going to be a complete security solution.

-- 
Robert B. Easter
reaster@comptechnews.com
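The design property argued for above is that the value the server stores must not, by itself, be enough to log in. The following Python block is an added illustration of that property; it is not code from the thread and not PostgreSQL's protocol. Scheme A is an assumed model of the "double hash" idea (server stores `md5(password + user)`, client answers a salt challenge with `md5(stored + salt)`), so whoever holds the stored value can answer the challenge. Scheme B is a simplified, SCRAM-style construction (an assumption of this example): the server stores only `H(ClientKey)`, and the client proves knowledge of `ClientKey`, so the stored verifier on its own does not pass the check. All credentials, salts and nonces are constructed.

```python
import hashlib
import hmac

# Constructed credentials for the demonstration (not taken from the thread).
USER = "alice"
PASSWORD = "correct horse battery staple"
SALT = b"constructed-salt"
NONCE = b"constructed-server-nonce"


# --- Scheme A: the stored hash doubles as the client's secret -------------
# Assumed model of the "double hash": server keeps h = md5(password + user);
# at login it sends a salt and the client answers md5(h + salt).
def a_stored_value(user: str, password: str) -> str:
    return hashlib.md5((password + user).encode()).hexdigest()


def a_response(secret_hash: str, salt: bytes) -> str:
    return hashlib.md5(secret_hash.encode() + salt).hexdigest()


def a_verify(stored: str, salt: bytes, response: str) -> bool:
    return hmac.compare_digest(a_response(stored, salt), response)


# --- Scheme B: the stored value is a verifier, not the secret -------------
# Simplified SCRAM-style construction (assumption of this example).
def b_client_key(password: str, salt: bytes) -> bytes:
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 4096)
    return hmac.new(salted, b"Client Key", "sha256").digest()


def b_stored_value(password: str, salt: bytes) -> bytes:
    # The server keeps only H(ClientKey); ClientKey itself is never stored.
    return hashlib.sha256(b_client_key(password, salt)).digest()


def _xor(x: bytes, y: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(x, y))


def b_proof(client_key: bytes, nonce: bytes) -> bytes:
    # ClientProof = ClientKey XOR HMAC(StoredKey, nonce)
    stored_key = hashlib.sha256(client_key).digest()
    signature = hmac.new(stored_key, nonce, "sha256").digest()
    return _xor(client_key, signature)


def b_verify(stored_key: bytes, nonce: bytes, proof: bytes) -> bool:
    # Recover ClientKey from the proof and check that it hashes to StoredKey.
    signature = hmac.new(stored_key, nonce, "sha256").digest()
    recovered_client_key = _xor(proof, signature)
    return hmac.compare_digest(hashlib.sha256(recovered_client_key).digest(), stored_key)


# --- Design check: is the stored value alone accepted as a login? ---------
def verifier_alone_logs_in_a() -> bool:
    stored = a_stored_value(USER, PASSWORD)
    # The holder of the stored value answers the challenge with it directly.
    return a_verify(stored, SALT, a_response(stored, SALT))


def verifier_alone_logs_in_b() -> bool:
    stored = b_stored_value(PASSWORD, SALT)
    # Without ClientKey, the holder can only substitute the stored value for it;
    # the proof fails because H(stored) != stored. (One attempt, shown for contrast.)
    return b_verify(stored, NONCE, b_proof(stored, NONCE))


def legitimate_client_logs_in_b() -> bool:
    stored = b_stored_value(PASSWORD, SALT)
    return b_verify(stored, NONCE, b_proof(b_client_key(PASSWORD, SALT), NONCE))


if __name__ == "__main__":
    print("Scheme A, stored value alone accepted:", verifier_alone_logs_in_a())
    print("Scheme B, stored value alone accepted:", verifier_alone_logs_in_b())
    print("Scheme B, real client accepted:", legitimate_client_logs_in_b())
```

The point of the contrast is the one the message makes: under scheme A a leaked table of hashes is a leaked table of credentials and nothing in the authentication path can tell the two apart, whereas under scheme B a leaked verifier still forces the holder to recover the password (or create an account), which is the kind of noisy step an administrator can notice.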