Skip site navigation (1) Skip section navigation (2)

Re: Patch to include PAM support...

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: "Dominic J(dot) Eidson" <sauron(at)the-infinite(dot)org>, pgsql-patches(at)postgresql(dot)org
Subject: Re: Patch to include PAM support...
Date: 2001-06-12 16:55:04
Message-ID: 200106121655.f5CGt4320744@candle.pha.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > I know there was concerns about blocking but is that problem any more so
> > than other interfaces we already support?
> 
> We don't need to make it worse.  We've already had trouble reports about
> postmaster hangups with broken IDENT servers; PAM will hugely expand the
> scope of potential troubles.  Can you say "denial of service"?

Does it really?  You are saying PAM can make "denial of service" attacks
even easier than ident?  

If it is the same risk, I think it is OK, but if it is worse, I see your
point.  (I don't know much about PAM except it allows authentication.)

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

In response to

Responses

pgsql-hackers by date

Next:From: Mathijs BrandsDate: 2001-06-12 17:09:57
Subject: Re: Patch to include PAM support...
Previous:From: Bruce MomjianDate: 2001-06-12 16:52:22
Subject: Re: Australian timezone configure option

pgsql-patches by date

Next:From: Mathijs BrandsDate: 2001-06-12 17:09:57
Subject: Re: Patch to include PAM support...
Previous:From: Bruce MomjianDate: 2001-06-12 16:52:22
Subject: Re: Australian timezone configure option

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group