Re: [HACKERS] Re: Hashing passwords (was Updated TODO list)

From Louis Bertrand
Subject Re: [HACKERS] Re: Hashing passwords (was Updated TODO list)
Date
Msg-id Pine.BSO.4.10.9907092129540.15560-100000@tronix.bertrandtech.on.ca
In reply to Re: Hashing passwords (was Updated TODO list)  (Bruce Momjian <maillist@candle.pha.pa.us>)
List pgsql-hackers
Why should anyone be able to read cleartext passwords, or even need to?
People have a habit of reusing the same password for logins elsewhere.
Hash the password as it's entered and compare hashes. This way, even if
the password file (PostgreSQL's or the system's) is compromised, the
attacker gains no extra information.

Ciao--Louis  <louis@bertrandtech.on.ca> 

Louis Bertrand       http://www.bertrandtech.on.ca
Bertrand Technical Services, Bowmanville, ON, Canada  
Tel: +1.905.623.8925  Fax: +1.905.623.3852

OpenBSD: Secure by default.  http://www.openbsd.org/

On Fri, 9 Jul 1999, Bruce Momjian wrote:

> [Charset iso-8859-1 unsupported, filtering to ASCII...]
> > From: Bruce Momjian <maillist@candle.pha.pa.us>
> > > > > ADMIN
> > > > >
> > > > How about:
> > > > * Not storing passwords in plain text
> > >
> > > But we don't, do we?  I thought they were hashed.
> > 
> > maybe I miss something but it does not look so to me:
> > 
> > [PostgreSQL 6.5.0 on i386-unknown-freebsd3.2, compiled by gcc 2.7.2.1]
> > 
> > test1=> select * from pg_shadow;
> > usename |usesysid|usecreatedb|usetrace|usesuper|usecatupd|passwd|valuntil
> > --------+--------+-----------+--------+--------+---------+------+----------------------------
> > postgres|    2000|t          |t       |t       |t        |      |Sat Jan 31 09:00:00 2037 MSK
> > afmmgr  |    2001|f          |t       |f       |t        |mgrpwd|
> > afmusr  |    2002|f          |t       |f       |t        |usrpwd|
> > (3 rows)
> 
> Yes, I remember now.  We keep them in clear, because we send random
> salt-encrypted versions over the wire.  Only Postgresql can read this
> table.
> 
> 
> -- 
>   Bruce Momjian                        |  http://www.op.net/~candle
>   maillist@candle.pha.pa.us            |  (610) 853-3000
>   +  If your life is a hard drive,     |  830 Blythe Avenue
>   +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
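An added example, not code from this thread or from PostgreSQL, of the scheme Louis describes (hash the password as it is set, compare hashes at login), extended with a nonce-based exchange to show that the kind of salted wire-level check Bruce mentions can be run against a stored hash rather than the cleartext. The store layout, SHA-256 and HMAC are assumptions for illustration, not what PostgreSQL 6.5 did:

```python
import hashlib
import hmac
import os

# Hypothetical password store standing in for pg_shadow's passwd column.
# Each record keeps a random per-user salt and the hash of the password,
# computed once when the password is set; the cleartext is never kept.
def set_password(store, user, password):
    salt = os.urandom(16)
    digest = hashlib.sha256(salt + password.encode()).hexdigest()
    store[user] = {"salt": salt, "digest": digest}
    return digest

# Plain login check: hash what the user typed, compare hashes in constant time.
def verify_password(store, user, password):
    rec = store.get(user)
    if rec is None:
        return False
    digest = hashlib.sha256(rec["salt"] + password.encode()).hexdigest()
    return hmac.compare_digest(digest, rec["digest"])

# Challenge-response over the wire, so the password itself is never sent.
# The server hands out its salt plus a fresh random nonce; the client derives
# the same digest locally and keys an HMAC over the nonce with it. The server
# verifies using only the stored digest, so it still needs no cleartext.
def challenge(store, user):
    return os.urandom(16), store[user]["salt"]

def client_response(password, salt, nonce):
    digest = hashlib.sha256(salt + password.encode()).hexdigest()
    return hmac.new(digest.encode(), nonce, hashlib.sha256).hexdigest()

def server_check(store, user, nonce, response):
    rec = store.get(user)
    if rec is None:
        return False
    expected = hmac.new(rec["digest"].encode(), nonce, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, response)

if __name__ == "__main__":
    store = {}
    set_password(store, "afmmgr", "mgrpwd")  # constructed sample user from the thread
    nonce, salt = challenge(store, "afmmgr")
    print(server_check(store, "afmmgr", nonce, client_response("mgrpwd", salt, nonce)))
```

The stored digest then acts as the login secret for this exchange, so the table still needs the access control Bruce notes; what a leak no longer yields is the cleartext that users reuse elsewhere.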