Re: [general] Permissions

On Monday 12 November 2001 03:16 pm, you wrote:
> Thank you.  This worked.  In testing it out, I noticed that postgres only
> considers the first eight charaters of the password.  So
>
> abcdefghijklm
> abcdefghmlkji
>
> are considered the same by postgres.  Is that correct?

Well... sort of. It isn't so much Postgres as crypt(). crypt() only hashes
the first 8 characters. I wonder if postgres supports md5 encryption instead?
md5 is considered more secure and allows for longer passwords.

Regards,
    Jeff

>
> Travis
>
> On Monday 12 November 2001 01:01, Jeff Davis enlightened me by saying:
> > PostgreSQL has, it seems, a somewhat weak permissions system, although it
> > definately gets the job done.
> >
> > What you can do is have a seperate pg_hba.conf entry for every
> > user/database combination you would like to be able to connect. To make
> > this work, make a seperate password file for each user using pg_passwd.
> > Lets say you call two files a_passwd and b_passwd (in accordance with
> > your example), then make the lines:
>
>  . . .
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html