Re: password_encryption, default and 'plain' support
Magnus Hagander <magnus@hagander.net>
From: Magnus Hagander <magnus@hagander.net>
To: Albe Laurenz <laurenz.albe@wien.gv.at>
Cc: "Tom Lane *EXTERN*" <tgl@sss.pgh.pa.us>,
Robert Haas <robertmhaas@gmail.com>, Heikki Linnakangas <hlinnaka@iki.fi>,
pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2017-05-05T08:02:09Z
Lists: pgsql-hackers
On Fri, May 5, 2017 at 9:38 AM, Albe Laurenz <laurenz.albe@wien.gv.at> wrote: > Tom Lane wrote: > > Robert Haas <robertmhaas@gmail.com> writes: > >> On Wed, May 3, 2017 at 7:31 AM, Heikki Linnakangas <hlinnaka@iki.fi> > wrote: > >>> So, I propose that we remove support for password_encryption='plain' in > >>> PostgreSQL 10. If you try to do that, you'll get an error. > > >> I have no idea how widely used that option is. > > > Is it possible that there are still client libraries that don't support > > password encryption at all? If so, are we willing to break them? > > I'd say "yes" but it's worth thinking about. > > We have one application that has been reduced to "password" authentication > ever since "crypt" authentication was removed, because they implemented the > line protocol rather than using libpq and never bothered to move to "md5". > > But then, it might be a good idea to break this application, because that > would force the vendor to implement something that is not a > blatant security problem. > It might. But I'm pretty sure the suggestion does not include removing the "password" authentication type, that one will still exist. This is just about password *storage*. -- Magnus Hagander Me: https://www.hagander.net/ <http://www.hagander.net/> Work: https://www.redpill-linpro.com/ <http://www.redpill-linpro.com/>
Commits
-
Remove support for password_encryption='off' / 'plain'.
- eb61136dc75a 10.0 landed