Hashing passwords (was Updated TODO list)
| От | Gene Sokolov |
|---|---|
| Тема | Hashing passwords (was Updated TODO list) |
| Дата | |
| Msg-id | 052901bec9f7$8f415080$0d8cdac3@aktrad.ru обсуждение |
| Ответ на | Re: [HACKERS] Updated TODO list (Bruce Momjian <maillist@candle.pha.pa.us>) |
| Ответы |
Re: Hashing passwords (was Updated TODO list)
|
| Список | pgsql-hackers |
From: Bruce Momjian <maillist@candle.pha.pa.us> > > > ADMIN > > > > > How about: > > * Not storing passwords in plain text > > But we don't, do we? I thougth they were hashed. maybe I miss something but it does not look so to me: [PostgreSQL 6.5.0 on i386-unknown-freebsd3.2, compiled by gcc 2.7.2.1] test1=> select * from pg_shadow; usename |usesysid|usecreatedb|usetrace|usesuper|usecatupd|passwd|valuntil --------+--------+-----------+--------+--------+---------+------+----------- ----------------- postgres| 2000|t |t |t |t | |Sat Jan 31 09:00:00 2037 MSK afmmgr | 2001|f |t |f |t |mgrpwd| afmusr | 2002|f |t |f |t |usrpwd| (3 rows)
В списке pgsql-hackers по дате отправления: