Re: [HACKERS] Updated TODO list

From: Bruce Momjian <maillist@candle.pha.pa.us>
> > Bruce Momjian <maillist@candle.pha.pa.us> writes:
> > >> DB admin has no business knowing other's passwords. The current
security
> > >> scheme is seriously flawed.
> >
> > > But it is the db passwords, not the Unix passwords.
> >
> > I think the original point was that some people use the same or related
> > passwords for psql as for their login password.
> >
> > Nonetheless, since we have no equivalent of "passwd" that would let a
> > db user change his db password for himself, it's a little silly to
> > talk about hiding db passwords from the admin who puts them in.
> >
> > If this is a concern, we'd need to add both encrypted storage of
> > passwords and a remote-password-change feature.
>
> Doing the random salt over the wire would still be a problem.

There is absolutely no technical problem with storing hashed passwords and
still sending salted hash over the wire. It was recently discussed in detail
in "Hashing passwords" thread in pgsql-hackers list.

Gene Sokolov