Recent changes to bugs

#12 md5_postgres does not include 'md5' prefix on hash

Jan Dittberner — Sat, 27 Sep 2014 20:51:14 -0000

add Debian patch for this issue

#13 It is possible to login with any password if query's password is null.

Jan Dittberner — Sat, 27 Sep 2014 20:48:56 -0000

labels: --> patch

#13 It is possible to login with any password if query's password is null.

Jan Dittberner — Sat, 27 Sep 2014 20:48:01 -0000

attached the Debian patch for this issue

It is possible to login with any password if query's password is null.

Lucas Clemente Vella — Tue, 15 Jan 2013 14:02:45 -0000

If the "pw_type" is crypt-based and the password field returned by the query is null, user is able to authenticate with any password. It is true that crypt("anything", ""); is always "", so if the crypted password is an empty string, this is (arguably) the correct behavior, but since it sounds very bad, pam_unix needs explicitly the nullok flag.

But the issue here is even worse: when crypt is used, pam_pgsql authenticates with any password both when the field is an empty string (arguably reasonable) and when it is null. This latter seems very bad, because no output from crypt represents a null password (although this concept is absent in original Unix).

In my opinion, a null password should be treated the same as no result, and should always fail.

A workaround is to use a query that never returns null, like:
SELECT COALESCE(password, '§§INVALID') FROM auth_table;

It is possible to login with any password if query's password is null.

Lucas Clemente Vella — Tue, 15 Jan 2013 14:02:45 -0000

Ticket 13 has been modified: It is possible to login with any password if query's password is null.
Edited By: Jan Dittberner (jandd)

Deryl R. Doucette — Fri, 14 Sep 2012 18:07:57 -0000

Deryl R. Doucette — Fri, 14 Sep 2012 18:07:55 -0000

Deryl R. Doucette — Fri, 14 Sep 2012 18:07:54 -0000