"Meredith L. Patterson" <m...@osogato.com> writes: > Magnus Hagander wrote: >> We might want to consider using a safer hash for the password storage at >> some point, but from what I gather it's not really urgent for *that* use. >> > It would be a lot more urgent if we weren't salting, but IIRC we are.
I don't really see that there's any issue here at all. The point of the hashing is to prevent a superuser (non-superusers can't look at the stored hashvalue anyway) from recovering the user's actual password. This is not for the purpose of protecting the database itself --- superusers already have all the keys to the kingdom in that respect. It's only meant to protect a user who's unwisely used the same password for multiple services from having a database breakin mean that his other services are compromised as well. Being able to make up strings that hash to the same thing doesn't create a vulnerability of this sort, AFAICS. You've found something that the database would accept as being a valid password, but that doesn't mean that it will work for other services. regards, tom lane -- Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-bugs