| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
| Cc: | "Dominic J(dot) Eidson" <sauron(at)the-infinite(dot)org>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: Patch to include PAM support... |
| Date: | 2001-06-12 18:44:08 |
| Message-ID: | 12956.992371448@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
>> Because (a) it greatly increases the scope of the vulnerability,
> How? It is just a new authentication method with the same problems as
> our current ones.
No, it is not *a* new authentication method, it is an open interface
that could be plugged into almost anything. We need the top-level
postmaster process to be absolutely reliable; plugging into "almost
anything" is not conducive to reliability.
Besides, an hour ago you were ready to reject this patch for lack of
interest. Why are you suddenly so eager to ignore the risks and apply
it anyway?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2001-06-12 18:57:00 | Re: Patch to include PAM support... |
| Previous Message | Hannu Krosing | 2001-06-12 18:34:29 | Re: Re: REPLACE INTO table a la mySQL |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2001-06-12 18:57:00 | Re: Patch to include PAM support... |
| Previous Message | Bruce Momjian | 2001-06-12 18:31:58 | Re: Patch to include PAM support... |