Hashing passwords (was Updated TODO list)

Поиск
Список
Период
Сортировка
От Gene Sokolov
Тема Hashing passwords (was Updated TODO list)
Дата
Msg-id 052901bec9f7$8f415080$0d8cdac3@aktrad.ru
обсуждение исходный текст
Ответ на Re: [HACKERS] Updated TODO list  (Bruce Momjian <maillist@candle.pha.pa.us>)
Ответы Re: Hashing passwords (was Updated TODO list)
Список pgsql-hackers
Дерево обсуждения 
From: Bruce Momjian <maillist@candle.pha.pa.us>
> > > ADMIN
> > >
> > How about:
> > * Not storing passwords in plain text
>
> But we don't, do we?  I thougth they were hashed.

maybe I miss something but it does not look so to me:

[PostgreSQL 6.5.0 on i386-unknown-freebsd3.2, compiled by gcc 2.7.2.1]

test1=> select * from pg_shadow;
usename |usesysid|usecreatedb|usetrace|usesuper|usecatupd|passwd|valuntil
--------+--------+-----------+--------+--------+---------+------+-----------
-----------------
postgres|    2000|t          |t       |t       |t        |      |Sat Jan 31
09:00:00 2037 MSK
afmmgr  |    2001|f          |t       |f       |t        |mgrpwd|
afmusr  |    2002|f          |t       |f       |t        |usrpwd|
(3 rows)

В списке pgsql-hackers по дате отправления: