Jeff Janes escribió: > On Fri, Feb 21, 2014 at 7:04 AM, Alvaro Herrera > <alvhe...@2ndquadrant.com>wrote:
> > If you were to have a mechanism by which > > libpq can store an md5'd password (or whatever hash) and send that md5 > > to the server and have the server accept it to grant a connection, then > > the md5 has, in effect, become the unencrypted password which others can > > capture from the file, and you're back at square one. > > The string in .pgpass would be enough for people to log into postgresql, > true. But it would not work to log onto other things which share the same > clear-text password but don't share the same salting mechanism. That's true. Patches welcome to improve that. Maybe we can define that if the stored password string starts with $1$md5$ and has a just the right length then it's a md5 hash rather than cleartext, or something like that. I do fear that people are going to look at the file and say "hey, it's encrypted [sic] so it's secure! I can share the file with the world!". -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
