Re: ODBC problem - crypt..
| От | Cedar Cox |
|---|---|
| Тема | Re: ODBC problem - crypt.. |
| Дата | |
| Msg-id | Pine.LNX.4.21.0010092332560.23306-100000@nanu.visionforisrael.com обсуждение исходный текст |
| Ответ на | Re: ODBC problem (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: ODBC problem - crypt..
|
| Список | pgsql-interfaces |
On Mon, 9 Oct 2000, Tom Lane wrote: .. > We have talked about adding a higher-security login protocol --- you can > find past threads about this in the pghackers archive. IIRC a fairly > complete design was worked out, but no one's got round to implementing > it yet. There might still have been some unresolved objections, too. > > regards, tom lane Perhaps I didn't make my point clear: The only point of a password is to protect something. If that something is transmitted in the clear, then from a hackers point of view there's almost no point in having a password. Of course this only applies to fetching data.. updates are a different story. So. If working with sensitive data, shouldn't the data be encrypted as well, not just the login sequence? Is ssh a good way to go (assuming you have an account on the PG machine), and is what I proposed possible? -Cedar
В списке pgsql-interfaces по дате отправления: