Re: [HACKERS] password_encryption, default and 'plain' support

Поиск
Список
Период
Сортировка
От Magnus Hagander
Тема Re: [HACKERS] password_encryption, default and 'plain' support
Дата
Msg-id CABUevEzsmFdzcvjNwLQeZR+CVOiNyiqE+R5Cv=HWgyZQVs6K8w@mail.gmail.com
обсуждение исходный текст
Ответ на [HACKERS] password_encryption, default and 'plain' support  (Heikki Linnakangas <hlinnaka@iki.fi>)
Ответы Re: [HACKERS] password_encryption, default and 'plain' support  (Michael Paquier <michael.paquier@gmail.com>)
Список pgsql-hackers
Дерево обсуждения


On Wed, May 3, 2017 at 1:31 PM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
Hi,

In various threads on SCRAM, we've skirted around the question of whether we should still allow storing passwords in plaintext. I've avoided discussing that in those other threads, because it's been an orthogonal question, but it's a good question and we should discuss it.

So, I propose that we remove support for password_encryption='plain' in PostgreSQL 10. If you try to do that, you'll get an error.

Is there any usecase at all for it today?

+1 for getting rid of it :)

 
Another question that's been touched upon but not explicitly discussed, is whether we should change the default to "scram-sha-256". I propose that we do that as well. If you need to stick to md5, e.g. because you use drivers that don't support SCRAM yet, you can change it in postgresql.conf, but the majority of installations that use modern clients will be more secure by default.

Much as that's going to cause issues for some people, I think it's worth doing. We should probably put something specific in the release notes mentioning the error message you get in libpq, and possibly some of the other most common drivers. 

--

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Heikki Linnakangas
Дата:
Сообщение: [HACKERS] password_encryption, default and 'plain' support
Следующее
От: Aleksander Alekseev
Дата:
Сообщение: Re: [HACKERS] Error message on missing SCRAM authentication witholder clients