right, i understand this; (and trust me, the directory is well secured) but
i can, say, if i'm using the perl5 Pg module, pass an unencrypted password
to Pg::connectdb and it still connects, with no encryption. i couldn't
find any calls to crypt() in the Pg source code, either.
On Wed, Dec 22, 1999 at 10:11:39AM +0100, Nicolas Huillard wrote:
> "Crypted password" stands for "crypted password transfer" between the client and the
>backend : there passwords temselves are stored uncrypted.
> I also wondered what this exactly was...
> Thake care that clear password are also stored in the pg_pwd file, which is by
>default -rw-rw-rw-. You have to be sure to protect you Postgres directory with "chmod
>700"
>
> Yours,
>
> Nicolas Huillard
>
> -----Message d'origine-----
> De: erik cameron [SMTP:[EMAIL PROTECTED]]
> Date: mercredi 22 décembre 1999 03:03
> À: [EMAIL PROTECTED]
> Objet: [ADMIN] crypt'ed passwords not functioning properly
>
> it seems my supposedly crypted passwords are not really quite so crypted
> after all, and i'm a little confused... preliminary info: it's postgresql
> 6.5.2 running on solaris 7: here's the uname output:
>
> senta:~/src/postgresql-6.5.2/src> uname -a
> SunOS senta 5.7 Generic_106541-05 sun4u sparc SUNW,Ultra-1
>
> the "local" entry in my pg_hba.conf file is simply "local all crypt"; yet,
> strangely enough, when i create/alter users, the password is written into
> pg_shadow in clear text. example:
>
> pgsql=> create user foo with password bar;
> CREATE USER
> pgsql=> select passwd from pg_shadow where usename='foo';
> passwd
> ------
> bar
>
> now, i thought to myself, maybe i'm misunderstanding this, and i need to
> provide 'create user' with an already crypted pw; however, i can log in
> with username 'foo' and password 'bar' after doing this. obviously, this
> is a problem... any thoughts on this? i've searched the mailing lists
> and only found a couple of very inconclusive threads from pgsql-questions,
> and there's nothing in the faq. (by the by, i'm testing the login using
> both psql and pgsql-perl5; both have similar results. i've restarted
> postmaster, etc.) has anyone seen this and/or fixed it?
>
> tia,
> erik
>
> p.s. the only thing that i can think of, (and i thought of it as i was typing
> the last paragraph) is that ldd claims that the postgres binaries are
> linked against libcrypt_i.so.1; i'm assuming this is an international version
> of libcrypt... anyone know if this breaks crypted passwords?
>
> --
> erik cameron unix systems administrator
> jfi/mrsec @ the university of chicago
> [EMAIL PROTECTED]
> http://senta.uchicago.edu/gnupg for public key
>
> ************
--
erik cameron unix systems administrator
jfi/mrsec @ the university of chicago
[EMAIL PROTECTED]
http://senta.uchicago.edu/gnupg for public key
************
