Re: [BUGS] BUG #1134: ALTER USER ... RENAME breaks md5
| От | Bruce Momjian |
|---|---|
| Тема | Re: [BUGS] BUG #1134: ALTER USER ... RENAME breaks md5 |
| Дата | |
| Msg-id | 200404271304.i3RD4OM22214@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | Re: [BUGS] BUG #1134: ALTER USER ... RENAME breaks md5 (Fabien COELHO <coelho@cri.ensmp.fr>) |
| Список | pgsql-patches |
Fabien COELHO wrote: > > Dear Bruce, > > > Yes, the problem is that we used the username for the salt, just like > > FreeBSD does for its MD5 passwords. > > Not that I know of on FreeBSD? > > shell> uname -a > FreeBSD palo-alto2.ensmp.fr 4.9-STABLE FreeBSD 4.9-STABLE #5: Mon Mar 1 21:31:30 CET 2004 root@palo-alto2.ensmp.fr:/usr/src/sys/compile/IAR2Mi386 > > shell> grep coelho /var/yp/master.passwd > coelho:$1$00EacB0I$4kQ/HmqFFQANZP/mxj8ZX0:210:20::0:0:COELHO, Fabien:/users/cri/coelho:/usr/local/bin/bash > ^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^ > salt some base 64 encoding of 1002 paranoid md5 computations. > > Even of the salt is based on the login, the point is that it is stored > separatly, so the system does not rely on the login string to check the > password. Oh, I thought FreeBSD used the username. Not sure were we got that idea. I know we needed a different salt only so users with the same password would not have the same MD5 value. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
В списке pgsql-patches по дате отправления: