Aaron,

* Aaron Zauner (a...@azet.org) wrote:
> Debian ships a set of Perl scripts to configure for PostgreSQL server
> configurations, these are quite outdated and are currently configuring
> authentication to use MD5 when 'password' should be used instead.

Uh, no, using 'password' is far worse, and uniformly so, than using md5. I have no idea why anyone would think it's better to store a cleartext version of your password in the pg_authid data (note that pg_shadow is only a view now; I replaced it long ago when I rewrote the user/group system to be role-based).

> http://www.openwall.com/lists/oss-security/2015/03/03/12

This isn't news, and the post linked by Michael is actually a discussion that I started 10 years ago. It's cute that atom has "found" it and claimed it to be a serious issue, but it simply isn't.

> I'd recommend to change this setting ASAP. Open to discuss.

Absolutely no would be the answer. There is no reason to believe that having a cleartext password is better than having a hashed representation of it. I hope someone on the OSS list corrects Michael's understanding.

The PG community has long been discussing the possibility of providing a new authentication mechanism to replace the md5 one, but anyone who actually cares about security will be using Kerberos or certificate-based authentication anyway, so it hasn't been a priority.

Thanks,

Stephen
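The difference the message is arguing about, as an added example that is not part of the thread or of PostgreSQL's own code: what PostgreSQL stores in pg_authid.rolpassword for an md5-encrypted role password ('md5' + hex(md5(password || username))), how the md5 challenge-response is computed from that stored value and the server's 4-byte salt, and what a passive observer on the wire sees under pg_hba.conf's 'password' method (cleartext in the PasswordMessage) versus 'md5' (salt plus a one-time response). The role name, password, salt and CIDR are constructed for illustration; the protocol message names are the real ones. The caveat a practitioner wants is visible in `md5_auth_response`: the client computes the response from the stored hash, so the md5 rolpassword is password-equivalent for anyone who can read pg_authid, and because the only salt is the username it can also be brute-forced offline; SCRAM-SHA-256 (PostgreSQL 10 and later) is the replacement the last paragraph anticipates.

```python
"""Added example (not from the thread or from PostgreSQL): PostgreSQL's md5
role-password storage and challenge-response, next to the cleartext 'password'
method. Role, password, salt and the pg_hba.conf CIDR are constructed values."""
import hashlib
import secrets

# Two pg_hba.conf lines for comparison (line format is real; the CIDR is constructed).
HBA_WEAK = "host    all    all    10.0.0.0/8    password   # cleartext on the wire"
HBA_OK   = "host    all    all    10.0.0.0/8    md5        # salted challenge-response"


def pg_md5_role_password(password: str, username: str) -> str:
    """Value PostgreSQL stores in pg_authid.rolpassword for an md5-encrypted
    role password: 'md5' + hex(md5(password || username)). The username is the
    only salt, so two roles with the same password store different hashes, but
    a stolen hash can still be brute-forced offline."""
    return "md5" + hashlib.md5((password + username).encode("utf-8")).hexdigest()


def md5_auth_response(stored: str, salt: bytes) -> str:
    """Client half of the md5 challenge-response: 'md5' + hex(md5(inner || salt)),
    where inner is the stored hex digest without its 'md5' prefix and salt is the
    4 random bytes from the server's AuthenticationMD5Password message.
    The input is the stored hash, not the password: whoever can read
    pg_authid.rolpassword can authenticate without ever learning the password."""
    if not (stored.startswith("md5") and len(stored) == 35) or len(salt) != 4:
        raise ValueError("expected a 35-char md5 rolpassword and a 4-byte salt")
    return "md5" + hashlib.md5(stored[3:].encode("ascii") + salt).hexdigest()


def server_verifies(stored: str, salt: bytes, response: str) -> bool:
    """Server half: recompute from the stored hash and compare in constant time."""
    return secrets.compare_digest(md5_auth_response(stored, salt), response)


def wire_transcript(method: str, password: str, username: str, salt: bytes) -> list:
    """What a passive observer sees during authentication, reduced to the
    frontend/backend protocol message names and their payloads."""
    if method == "password":
        return ["S: AuthenticationCleartextPassword",
                f"C: PasswordMessage {password}"]
    if method == "md5":
        stored = pg_md5_role_password(password, username)
        return [f"S: AuthenticationMD5Password salt={salt.hex()}",
                f"C: PasswordMessage {md5_auth_response(stored, salt)}"]
    raise ValueError(f"unsupported method {method!r}")


def password_on_wire(method: str, password: str, username: str, salt: bytes) -> bool:
    """True if the cleartext password appears anywhere in the captured exchange."""
    return any(password in line
               for line in wire_transcript(method, password, username, salt))


if __name__ == "__main__":
    role, pw, salt = "appuser", "correct horse battery", bytes.fromhex("0a1b2c3d")
    stored = pg_md5_role_password(pw, role)
    resp = md5_auth_response(stored, salt)
    print(HBA_WEAK)
    print(HBA_OK)
    print("rolpassword:", stored)
    print("md5 login accepted:", server_verifies(stored, salt, resp))
    for m in ("password", "md5"):
        print(f"{m:8s} exposes password on wire:", password_on_wire(m, pw, role, salt))
```

Run it as a script to see both pg_hba.conf lines, the stored hash for the constructed role, and that only the 'password' transcript contains the password. A replayed md5 response fails against a fresh salt, which is what `server_verifies` checks; the weakness the example does not hide is that the stored hash itself is enough to produce a valid response.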