pg_hba.conf and secondary password file

Started by Bruce Momjian almost 24 years ago, 5 messages
#1 Bruce Momjian
pgman@candle.pha.pa.us

Right now, we support a secondary password file reference in
pg_hba.conf.

If the file contains only usernames, we assume that it is the list of
valid usernames for the connection. If it contains usernames and
passwords, like /etc/passwd, we assume these are the passwords to be
used for the connection. Such connections must pass the unencrypted
passwords over the wire so they can be matched against the file;
'password' encryption in pg_hba.conf.

Is it worth keeping this password capability in 7.3? It requires
'password' in pg_hba.conf, which is not secure, and I am not sure how
many OS's still use crypt in /etc/passwd anyway. Removing the feature
would clear up pg_hba.conf options a little.

The ability to specify usernames in pg_hba.conf or in a secondary file
is being added to pg_hba.conf anyway, so it is really only the password
part that we have to decide to keep or remove.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
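
Added example, not part of the original post or of PostgreSQL's own code: an audit that finds pg_hba.conf records using 'password' and applies the rule from message #1 to tell a username list from a password file. The record layout, file names and file contents are constructed assumptions.

```python
# Added example: layout, names and sample data below are constructed assumptions.
# Assumed record layout:
#   local DBNAME AUTHTYPE [AUTHARG]
#   host  DBNAME IP_ADDRESS ADDRESS_MASK AUTHTYPE [AUTHARG]
SAMPLE_HBA = """\
# TYPE DATABASE IP_ADDRESS  ADDRESS_MASK  AUTHTYPE AUTHARG
local  all                                md5
host   sales    192.168.1.0 255.255.255.0 password sales.pwd
host   hr       192.168.2.0 255.255.255.0 password hr.users
host   all      10.0.0.0    255.0.0.0     password
"""
# Constructed secondary files; the hash fields are placeholders, not real crypt output.
SAMPLE_FILES = {
    "sales.pwd": "alice:PLACEHOLDERHASH1\nbob:PLACEHOLDERHASH2\n",
    "hr.users": "carol\ndave\n",
}
AUTHTYPE_INDEX = {"local": 2, "host": 4}  # position of AUTHTYPE per record type


def classify_secondary(text):
    """Names only -> 'user-list'; name:password entries -> 'passwords'."""
    entries = [line.strip() for line in text.splitlines() if line.strip()]
    if not entries:
        return "empty"
    with_pw = [e for e in entries if ":" in e and e.split(":", 1)[1]]
    if not with_pw:
        return "user-list"
    return "passwords" if len(with_pw) == len(entries) else "mixed"


def audit(hba_text, files):
    """Return (line, database, secondary_file, kind) for every 'password' record."""
    findings = []
    for lineno, raw in enumerate(hba_text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        idx = AUTHTYPE_INDEX.get(fields[0]) if fields else None
        if idx is None or len(fields) <= idx or fields[idx] != "password":
            continue
        arg = fields[idx + 1] if len(fields) > idx + 1 else None
        if arg is None:
            kind = "none"
        else:
            kind = classify_secondary(files[arg]) if arg in files else "missing"
        findings.append((lineno, fields[1], arg, kind))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_HBA, SAMPLE_FILES):
        print(finding)
```

Every record reported uses 'password', so the password crosses the wire unencrypted; the records classified as `passwords` are the ones that depend on the capability under discussion.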
#2 Tom Lane
tgl@sss.pgh.pa.us
In reply to: Bruce Momjian (#1)
Re: pg_hba.conf and secondary password file

Bruce Momjian <pgman@candle.pha.pa.us> writes:

> Right now, we support a secondary password file reference in
> pg_hba.conf.
> Is it worth keeping this password capability in 7.3?

I'd not cry if it went away. We could get rid of pg_passwd, which
is an ugly mess...

regards, tom lane

#3 Bruce Momjian
pgman@candle.pha.pa.us
In reply to: Tom Lane (#2)
Re: pg_hba.conf and secondary password file

Tom Lane wrote:

> Bruce Momjian <pgman@candle.pha.pa.us> writes:
>
>> Right now, we support a secondary password file reference in
>> pg_hba.conf.
>> Is it worth keeping this password capability in 7.3?
>
> I'd not cry if it went away. We could get rid of pg_passwd, which
> is an ugly mess...

Yes, that was my thinking too. Seems like a good time for housecleaning
pg_hba.conf.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
#4 Bruce Momjian
pgman@candle.pha.pa.us
In reply to: Bruce Momjian (#3)
Re: pg_hba.conf and secondary password file

Peter Eisentraut wrote:

> Bruce Momjian writes:
>
>> Is it worth keeping this password capability in 7.3? It requires
>> 'password' in pg_hba.conf, which is not secure, and I am not sure how
>> many OS's still use crypt in /etc/passwd anyway. Removing the feature
>> would clear up pg_hba.conf options a little.
>
> Personally, I don't care. But I'm concerned that some people might use
> this to support different passwords for different databases. Not sure why
> you'd want that. Maybe send an advisory to -general to see.

Yes, I will send to general. I wanted to get feedback from hackers
first --- I will send now.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
#5 Peter Eisentraut
peter_e@gmx.net
In reply to: Bruce Momjian (#1)
Re: pg_hba.conf and secondary password file

Bruce Momjian writes:

> Is it worth keeping this password capability in 7.3? It requires
> 'password' in pg_hba.conf, which is not secure, and I am not sure how
> many OS's still use crypt in /etc/passwd anyway. Removing the feature
> would clear up pg_hba.conf options a little.

Personally, I don't care. But I'm concerned that some people might use
this to support different passwords for different databases. Not sure why
you'd want that. Maybe send an advisory to -general to see.

--
Peter Eisentraut peter_e@gmx.net