Re: passwords in pg_shadow (duplicate).

Hiroshi Inoue wrote:
> Bruce Momjian wrote:
> >
> > Good catch.  Seems like a bug.  I assumed we still want to support
> > 'password' even though pg_shadow contains MD5 encrypted passwords.  Is
> > that correct?  (We can't support crypt in those cases.)
> >
> > The following patch fixes this.  I need to review it later, but we could
> > apply to 7.3.1.  I assume there are still some interfaces that don't
> > support md5 or crypt and we will need this patch to continue supporting
> > them, though I am sure there are some out there that want 'password' to
> > go away.
>
> Honestly I don't understand your intention.
> For example, if some one would like to use
> crypt authentication what should he do ?
> Certainly he can store a plain password using
> 'with unencrypted password ....'. But pg_dump
> would dump it as 'with password ....' and as
> a result the password would be restored as MD5
> encrypted password by default.

Well, the idea of the postgresql.conf setting password_encryption was
to easily migrate people to a system that stored passwords encrypted in
the database, and it seems to have worked well for that.  (Security
folks were complaining about our non-encrypted pg_shadow passwords.)

I see now there should have been a mention in the release notes about
it to warn folks who still want to use crypt.  However, I question why
people would want to use crypt unless they have an interface that
doesn't support MD5.  There also is a plan someday to remove support
from crypt once all clients are MD5 capable.

Let me apply that patch I posted to current and 7.3 so the fix will be
in 7.3.1. That will allow 'password' to work again.  We can't really do
crypt unless they load using password_encryption set to false.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073