Stephen,

> I'm concerned about both using a random salt in pg_shadow and about
> better documentation about what happens when you use 'md5' in
> pg_hba.conf.

Yep, per our conversation on IRC. Frankly, I responded on Bugtraq mainly to the other person's comment that we'd been ignoring the issue since 2002. Few of the people on bugtraq read pgsql-hackers and I didn't want to leave them with the impression that our group ignored security threats.

> It was generally my understanding that it was better to get it
> 'sanctioned' and on the TODO list before just writing something up and
> expecting it to be included.

Absolutely.

> I've already offered elsewhere to work on
> writing a random-salt patch for PostgreSQL targeted at 8.1 and this
> encourages me further. I understand that I'd need to be sure it was
> backwards compatible to some extent (do both older client <-> newer
> server and newer client <-> older server need to work? I seem to recall
> only older client <-> newer server had to work, but perhaps I'm not
> remembering right).

Actually, I think older client <-> newer server is the least critical. We'd be incrementing libpq for this. Right, Bruce?

While you're at it, maybe you should look at ways that pg_shadow could be double-encrypted on backup but still restored easily?

-- 
Josh Berkus
Aglio Database Solutions
San Francisco
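The point of the random-salt discussion above, shown as an added example that is not code from the thread or from PostgreSQL. The "fixed-salt" functions model the 'md5' method as it is documented for pg_hba.conf (pg_shadow holds "md5" + md5(password || username), and the login challenge is answered from that hash); the "random-salt" functions are a hypothetical sketch of what a random-salt patch could store and how the challenge would have to change, and all function names, the 16-byte salt length and the sample credentials are my own assumptions.

```python
import hashlib
import os
from typing import Optional, Tuple

# Constructed example. fixed_salt_* models PostgreSQL's 'md5' method;
# random_salt_* is a hypothetical scheme, not PostgreSQL's actual format.


def fixed_salt_store(username: str, password: str) -> str:
    """pg_shadow form for 'md5' auth: the user name is the only salt, so the
    same user/password pair hashes identically on every server."""
    return "md5" + hashlib.md5((password + username).encode()).hexdigest()


def fixed_salt_response(stored: str, challenge: bytes) -> str:
    """Client answer to the server's 4-byte challenge. It needs only the stored
    hash, not the password: a dumped pg_shadow row is a password equivalent."""
    return "md5" + hashlib.md5(stored[3:].encode() + challenge).hexdigest()


def fixed_salt_verify(stored: str, challenge: bytes, response: str) -> bool:
    return response == fixed_salt_response(stored, challenge)


def random_salt_store(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, str]:
    """Hypothetical pg_shadow form with a per-user random salt.
    Returns (salt, hexdigest); the salt must be stored next to the hash."""
    if salt is None:
        salt = os.urandom(16)          # assumed salt length, not PostgreSQL's
    return salt, hashlib.md5(password.encode() + salt).hexdigest()


def random_salt_response(password: str, salt: bytes, challenge: bytes) -> str:
    """Client answer in the hypothetical scheme. The client now needs the
    user's salt, so the server has to ship it with the challenge: that is the
    wire-protocol change behind the remark about incrementing libpq."""
    inner = hashlib.md5(password.encode() + salt).hexdigest()
    return hashlib.md5(inner.encode() + challenge).hexdigest()


def random_salt_verify(stored_hex: str, challenge: bytes, response: str) -> bool:
    return response == hashlib.md5(stored_hex.encode() + challenge).hexdigest()


def hashes_collide_across_servers(username: str, password: str) -> Tuple[bool, bool]:
    """Enrol the same user/password on two independent servers and report
    whether the stored values are identical: (fixed-salt, random-salt)."""
    a = fixed_salt_store(username, password)
    b = fixed_salt_store(username, password)
    _, ra = random_salt_store(password)
    _, rb = random_salt_store(password)
    return a == b, ra == rb
```

With the user name as salt, a pg_shadow row lifted from one server (or from a backup) both identifies the password on every other server where that user exists and answers the login challenge directly; a random salt removes the cross-server equality and any precomputed table keyed on the user name, but in a challenge-response of this shape the stored hash is still a password equivalent, which is why protecting pg_shadow in backups, as raised at the end of the message, is a separate concern from the salt.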