Re: MD5 authentication needs help
| От | Stephen Frost |
|---|---|
| Тема | Re: MD5 authentication needs help |
| Дата | |
| Msg-id | 20150305161555.GV29780@tamriel.snowman.net обсуждение |
| Ответ на | Re: MD5 authentication needs help (Bruce Momjian <bruce@momjian.us>) |
| Ответы |
Re: MD5 authentication needs help
|
| Список | pgsql-hackers |
* Bruce Momjian (bruce@momjian.us) wrote: > On Wed, Mar 4, 2015 at 05:56:25PM -0800, Josh Berkus wrote: > > So, are we more worried about attackers getting a copy of pg_authid, or > > sniffing the hash on the wire? > > Both. Stephen is more worried about pg_authid, but I am more worried > about sniffing. I'm also worried about both, but if the admin is worried about sniffing in their environment, they're much more likely to use TLS than to set up client side certificates, kerberos, or some other strong auth mechanism, simply because TLS is pretty darn easy to get working and distros set it up for you by default. Thanks, Stephen
В списке pgsql-hackers по дате отправления: