Re: Postgresql security checks

Поиск
Список
Период
Сортировка
От Bruce Momjian
Тема Re: Postgresql security checks
Дата
Msg-id 201102010354.p113sX512760@momjian.us
обсуждение исходный текст
Ответ на Re: Postgresql security checks  (Josh Kupershmidt <schmiddy@gmail.com>)
Список pgsql-novice
Дерево обсуждения 
Josh Kupershmidt wrote:
> On Wed, Sep 8, 2010 at 4:11 AM, Thom Brown <thom@linux.com> wrote:
> > On 8 September 2010 00:26, Bruce Momjian <bruce@momjian.us> wrote:
> >> Yes, you are right. ?Should this be documented? ?Where?
> >
> > Whether it needs documenting, I'm not sure, but if it were to go
> > anywhere, I believe it would be here:
> > http://www.postgresql.org/docs/current/static/catalog-pg-authid.html
>
> I sent in a suggested doc change to that pg_authid page a few days ago:
> http://archives.postgresql.org/pgsql-docs/2010-09/msg00031.php

I have updated the docs to be a little clearer about unencrypted
passwords.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + It's impossible for everything to be true. +
diff --git a/doc/src/sgml/catalogs.sgml b/doc/src/sgml/catalogs.sgml
index ecedacc..09152e6 100644
*** a/doc/src/sgml/catalogs.sgml
--- b/doc/src/sgml/catalogs.sgml
***************
*** 1264,1275 ****
        <entry><structfield>rolpassword</structfield></entry>
        <entry><type>text</type></entry>
        <entry>
!        Password (possibly encrypted); null if none.  If the password is
!        encrypted, this column will contain the string <literal>md5</> followed by a
!        32-character hexadecimal MD5 hash.  The MD5 hash will be of the
!        user's password concatenated to their username (for example, if
!        user joe has password xyzzy, <productname>PostgreSQL</> will store
!        the md5 hash of xyzzyjoe).
        </entry>
       </row>

--- 1264,1277 ----
        <entry><structfield>rolpassword</structfield></entry>
        <entry><type>text</type></entry>
        <entry>
!        Password (possibly encrypted); null if none.  If the password
!        is encrypted, this column will begin with the string <literal>md5</>
!        followed by a 32-character hexadecimal MD5 hash.  The MD5 hash
!        will be of the user's password concatenated to their username.
!        For example, if user <literal>joe</> has password <literal>xyzzy</>,
!        <productname>PostgreSQL</> will store the md5 hash of
!        <literal>xyzzyjoe</>.  A password that does not follow that
!        format is assumed to be unencrypted.
        </entry>
       </row>

В списке pgsql-novice по дате отправления: