[HACKERS] pg_hba.conf and secondary password file

2002-03-15 Thread Bruce Momjian

Right now, we support a secondary password file reference in
pg_hba.conf.

If the file contains only usernames, we assume that it is the list of
valid usernames for the connection.  If it contains usernames and
passwords, like /etc/passwd, we assume these are the passwords to be
used for the connection.  Such connections must pass the unencrypted
passwords over the wire so they can be matched against the file, i.e.
'password' encryption in pg_hba.conf.

Is it worth keeping this password capability in 7.3?  It requires
'password' in pg_hba.conf, which is not secure, and I am not sure how
many OS's still use crypt in /etc/passwd anyway.  Removing the feature
would clear up pg_hba.conf options a little.

The ability to specify usernames in pg_hba.conf or in a secondary file
is being added to pg_hba.conf anyway, so it is really only the password
part that we have to decide to keep or remove.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  [EMAIL PROTECTED]                    |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

---(end of broadcast)---
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
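The two behaviours Bruce describes for the secondary file (a bare list of usernames acting as an allow-list, versus /etc/passwd-style user:cryptedpassword lines that force the 'password' method) can be made concrete. The following is an added example written for this archive page, not code from the thread or from the PostgreSQL source. It assumes a made-up "$x$salt$hash" stand-in for the OS crypt() function (Python's crypt module is deprecated and removed in recent releases), assumes blank lines and '#' comments in the file are ignored, and uses the layout of the current v3 PasswordMessage ('p', int32 length, NUL-terminated string) rather than the 2002-era protocol to show why the cleartext ends up on the wire.

```python
import hashlib
import hmac
import struct


def demo_crypt(cleartext, salt):
    """Stand-in for crypt(3) (assumption, not the real function): a salted
    one-way hash in a made-up "$x$salt$hash" layout.  Like crypt(3), it
    accepts either a bare salt or a previous output as the salt argument,
    which is what lets a server re-check a password against its stored
    hash without storing the cleartext."""
    if salt.startswith("$x$"):
        salt = salt.split("$")[2]
    digest = hashlib.sha256((salt + cleartext).encode()).hexdigest()
    return "$x$" + salt + "$" + digest


# Constructed sample secondary files (not from the thread).
USERS_ONLY = "alice\nbob\n"
USERS_WITH_PASSWORDS = (
    "alice:" + demo_crypt("wonderland", "s4lt") + "\n"
    "bob:" + demo_crypt("builder", "br1ck") + "\n"
)


def parse_secondary_file(text):
    """Return (has_passwords, {user: stored_hash_or_None}).

    A file of bare usernames is an allow-list; a file in user:password
    form carries crypt()-style hashes to match against.  Skipping blank
    lines and '#' comments is an assumption, not something the thread
    states."""
    entries = {}
    has_passwords = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if ":" in line:
            user, stored = line.split(":", 1)
            entries[user] = stored
            has_passwords = True
        else:
            entries[line] = None
    return has_passwords, entries


def check_secondary_file(file_text, user, cleartext, crypt_fn=demo_crypt):
    """Apply the secondary file to a connection attempt.

    Returns "allowed-by-list" (username-only file; the file says nothing
    about the password), "password-ok", or "rejected".  In password mode
    the server can only recompute crypt(cleartext, stored) and compare,
    which is exactly why the client must send the cleartext."""
    has_passwords, entries = parse_secondary_file(file_text)
    if user not in entries:
        return "rejected"
    if not has_passwords:
        return "allowed-by-list"
    stored = entries[user]
    if stored is None:
        return "rejected"
    recomputed = crypt_fn(cleartext, stored)
    if hmac.compare_digest(recomputed, stored):
        return "password-ok"
    return "rejected"


def password_message(cleartext):
    """Build the PasswordMessage the client sends under the 'password'
    method: type byte 'p', int32 length including itself, then the
    NUL-terminated cleartext (v3 protocol layout, assumed here)."""
    body = cleartext.encode() + b"\0"
    return b"p" + struct.pack("!i", 4 + len(body)) + body


def sniff_password(packet):
    """What a passive observer on the wire recovers from that message."""
    if packet[:1] != b"p":
        raise ValueError("not a PasswordMessage")
    (length,) = struct.unpack("!i", packet[1:5])
    return packet[5:1 + length].rstrip(b"\0").decode()


if __name__ == "__main__":
    print(check_secondary_file(USERS_ONLY, "alice", "anything"))
    print(check_secondary_file(USERS_WITH_PASSWORDS, "alice", "wonderland"))
    print(check_secondary_file(USERS_WITH_PASSWORDS, "alice", "wrong"))
    print(sniff_password(password_message("wonderland")))
```

The point of the last two functions is the one Bruce makes: because the server holds only the crypt() output, verification means recomputing it from the cleartext, and the cleartext therefore travels in the clear; a challenge-response method would need the password stored in a different form than the secondary file provides.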



Re: [HACKERS] pg_hba.conf and secondary password file

2002-03-15 Thread Tom Lane

Bruce Momjian [EMAIL PROTECTED] writes:
> Right now, we support a secondary password file reference in
> pg_hba.conf.
> Is it worth keeping this password capability in 7.3?

I'd not cry if it went away.  We could get rid of pg_passwd, which
is an ugly mess...

regards, tom lane




Re: [HACKERS] pg_hba.conf and secondary password file

2002-03-15 Thread Peter Eisentraut

Bruce Momjian writes:

> Is it worth keeping this password capability in 7.3?  It requires
> 'password' in pg_hba.conf, which is not secure, and I am not sure how
> many OS's still use crypt in /etc/passwd anyway.  Removing the feature
> would clear up pg_hba.conf options a little.

Personally, I don't care.  But I'm concerned that some people might use
this to support different passwords for different databases.  Not sure why
you'd want that.  Maybe send an advisory to -general to see.

-- 
Peter Eisentraut   [EMAIL PROTECTED]





Re: [HACKERS] pg_hba.conf and secondary password file

2002-03-15 Thread Bruce Momjian

Peter Eisentraut wrote:
> Bruce Momjian writes:
>
> > Is it worth keeping this password capability in 7.3?  It requires
> > 'password' in pg_hba.conf, which is not secure, and I am not sure how
> > many OS's still use crypt in /etc/passwd anyway.  Removing the feature
> > would clear up pg_hba.conf options a little.
>
> Personally, I don't care.  But I'm concerned that some people might use
> this to support different passwords for different databases.  Not sure why
> you'd want that.  Maybe send an advisory to -general to see.

Yes, I will send to general.  I wanted to get feedback from hackers
first --- I will send now.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  [EMAIL PROTECTED]                    |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
