Thread

  1. Re: Proposal for encrypting pg_shadow passwords

    Jim Mercer <jim@reptiles.org> — 2001-06-26T03:18:20Z

    On Mon, Jun 25, 2001 at 11:04:15PM -0400, Bruce Momjian wrote:
    > password:  plaintext password is sent over network from client
    > 	   to server
    > 
    > crypt:  random salt is sent to client;  client encrypts using that salt
    > and returns encrypted password to server.  Server encrypts pg_shadow
    > password with same random salt and compares.  This is why current
    > pg_shadow password is cleartext.  (Call this "crypt authentication".)
    
    did you see my post of a week or so ago?
    
    host dbname ipaddr netmask password /some/file
     - uses second field of /some/file, as per /etc/passwd
     - compares second field of /some/file with crypt(clear-text)
    
    host dbname ipaddr netmask crypt (no file specified)
     - as above
    
    host dbname ipaddr netmask password (no file specified)
     - same as if the line was s/password/crypt/g
    
    i have mods that allow (in a completely backward compatible fashion)
    
    host dbname ipaddr netmask password pg_shadow
     - uses password from pg_shadow
     - compares pg_shadow->password with crypt(clear-text)
    
    while i applaud the dual-crypt enhancements for the newer versions,
    i think these patches allow storage of encrypted passwords in pg_shadow
    without any substantial changes (or possible damage to existing code).
    
    i am using these mods in conjuction with php scripts, and as such i need
    not give "webuser" or "nobody" any privs on my tables.
    
    -- 
    [ Jim Mercer        jim@reptiles.org         +1 416 410-5633 ]
    [ Now with more and longer words for your reading enjoyment. ]