Re: chkpass Major Issue - compares 'contains' and not 'equal'

Поиск
Список
Период
Сортировка
От David G. Johnston
Тема Re: chkpass Major Issue - compares 'contains' and not 'equal'
Дата
Msg-id CAKFQuwbkHkCjbg+BtLg-7P+D1Ma=Yn6N=POc+jCjLGdTU3iozg@mail.gmail.com
обсуждение исходный текст
Ответ на chkpass Major Issue - compares 'contains' and not 'equal'  (Eyedia Tech <eyedia@debjyoti.com>)
Ответы Re: chkpass Major Issue - compares 'contains' and not 'equal'  (D'Arcy Cain <darcy@druid.net>)
Список pgsql-bugs
Дерево обсуждения
On Thursday, June 7, 2018, Eyedia Tech <eyedia@debjyoti.com> wrote:
To replicate use this:

create table "user" (uname text, password chkpass);
insert into "user" values ('user1', 'password')
select * from "user" where uname = 'user1' and password = 'password1'

This is a major issue.

It is also a documented limitation.

The encryption uses the standard Unix function crypt(), and so it suffers from all the usual limitations of that function; notably that only the first eight characters of a password are considered.


At this point I'd consider its presence here for backward compatibility only and as such the behavior is not something that is likely to be changed.

David J.

В списке pgsql-bugs по дате отправления:

Предыдущее
От: Dmitry Dolgov
Дата:
Сообщение: Re: BUG #15212: Default values in partition tables don't work asexpected and allow NOT NULL violation
Следующее
От: Tom Lane
Дата:
Сообщение: Re: chkpass Major Issue - compares 'contains' and not 'equal'