[Pkg-postgresql-public] Bug#779683: Bug#779683: postgresql: pg_hba scripts (mis)configures for MD5 authentication

Stephen Frost sfrost at snowman.net
Wed Mar 4 00:45:56 UTC 2015


Aaron,

* Aaron Zauner (azet at azet.org) wrote:
> Debian ships a set of Perl scripts to configure for PostgreSQL server
> configurations, these are quite outdated and are currently configuring
> authentication to use MD5 when 'password' should be used instead.

Uh, no, using 'password' is far worse, and uniformly so, than using md5.
I have no idea why anyone would think it's better to store a cleartext
version of your password in the pg_authid data (note that pg_shadow is
only a view now, I replaced it long ago when I rewrote the user/group
system to be role-based).

> http://www.openwall.com/lists/oss-security/2015/03/03/12

This isn't news and the post linked by Michael is actually a discussion
that I started 10 years ago.  It's cute that atom has "found" it and
claimed it to be a serious issue, but it simply isn't.

> I'd recommend to change this setting ASAP. Open to discuss.

Absolutely no would be the answer.  There is no reason to believe that
having a cleartext password is better than having a hashed
representation of it.  I hope someone on the OSS list corrects Michael's
understanding.

The PG community has long been discussing the possibility of providing a
new authentication mechanism to replace the md5 one, but anyone who
actually cares about security will be using Kerberos or Certificate
based authentication anyway, so it hasn't been a priority.

	Thanks,

		Stephen
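To make the difference between the two pg_hba.conf methods under discussion concrete, here is an added example (it is not part of this thread, nor PostgreSQL project code) that models both exchanges with hashlib. It assumes PostgreSQL's documented md5 scheme: the stored value is `"md5" + hex(md5(password + username))`, and on login the server sends a 4-byte salt and the client answers with `"md5" + hex(md5(stored_hex + salt))`. The role name, password and salt below are constructed sample values.

```python
import hashlib
import hmac
import os

# pg_hba.conf lines being compared (for reference, not parsed by this script):
#   host  all  all  127.0.0.1/32  password   # client sends the cleartext password
#   host  all  all  127.0.0.1/32  md5        # client sends a salted hash of the stored hash


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def stored_md5_password(username: str, password: str) -> str:
    """What an md5-hashed role stores in pg_authid.rolpassword."""
    return "md5" + md5_hex(password.encode() + username.encode())


def client_response_md5(username: str, password: str, salt: bytes) -> str:
    """Client side of the md5 method: hash the inner hash with the server's 4-byte salt."""
    inner = md5_hex(password.encode() + username.encode())
    return "md5" + md5_hex(inner.encode() + salt)


def server_verify_md5(stored: str, response: str, salt: bytes) -> bool:
    """Server side of the md5 method: recompute from the stored value and compare."""
    expected = "md5" + md5_hex(stored[3:].encode() + salt)
    return hmac.compare_digest(expected, response)


def client_response_password(password: str) -> str:
    """Client side of the 'password' method: the password itself goes on the wire."""
    return password


def server_verify_password(stored: str, username: str, response: str) -> bool:
    """Server side of the 'password' method against an md5-hashed stored value."""
    return hmac.compare_digest(stored, stored_md5_password(username, response))


def simulate_login(method: str, username: str, password: str, stored: str, salt: bytes):
    """Run one exchange; return (message seen on the wire, authenticated?)."""
    if method == "password":
        wire = client_response_password(password)
        return wire, server_verify_password(stored, username, wire)
    if method == "md5":
        wire = client_response_md5(username, password, salt)
        return wire, server_verify_md5(stored, wire, salt)
    raise ValueError(f"unsupported pg_hba method: {method}")


def password_visible_on_wire(method: str, username: str, password: str, stored: str, salt: bytes) -> bool:
    """True if a passive observer of the client->server message sees the cleartext password."""
    wire, _ = simulate_login(method, username, password, stored, salt)
    return password in wire


if __name__ == "__main__":
    user, pw = "alice", "s3cret-example"        # constructed sample role
    stored = stored_md5_password(user, pw)
    salt = os.urandom(4)                         # the server picks a fresh salt per login
    for method in ("password", "md5"):
        wire, ok = simulate_login(method, user, pw, stored, salt)
        print(f"{method:8s} wire={wire!r} authenticated={ok} "
              f"cleartext_visible={password_visible_on_wire(method, user, pw, stored, salt)}")
```

Both methods authenticate the same stored value, so switching pg_hba.conf to `password` changes nothing about what sits in pg_authid; it only removes the salted challenge from the wire. The script also makes the other property of the md5 scheme visible: `server_verify_md5` needs only the stored string, so read access to pg_authid (superuser-only by default) is part of what the scheme relies on.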