Skip site navigation (1) Skip section navigation (2)

Re: Patch to include PAM support...

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: "Dominic J(dot) Eidson" <sauron(at)the-infinite(dot)org>, pgsql-patches(at)postgresql(dot)org
Subject: Re: Patch to include PAM support...
Date: 2001-06-12 18:31:58
Message-ID: 200106121831.f5CIVwW01350@candle.pha.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > It is has the same problems as IDENT, and it doesn't add any new
> > problems, and it meets people's needs, why not add it?
> 
> Because (a) it greatly increases the scope of the vulnerability,

How?  It is just a new authentication method with the same problems as
our current ones.

> and (b) it adds more code that will need to be rewritten to fix the
> problem.  I want to fix the blocking problem first, then solicit a
> PAM patch that fits into the rewritten postmaster.

This seems to fit into the "wait for the perfect fix" solution which I
don't think applies here.  There is no saying that a PAM patch will even
be around once we get the rest working. 

Basically, we have some people who want it.  Now we need to hear from
people who don't want it.   I have a "no" from Tom and a "yes" from
"Peter E" (and the author).

We need more votes to decide.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman(at)candle(dot)pha(dot)pa(dot)us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

In response to

Responses

pgsql-hackers by date

Next:From: Hannu KrosingDate: 2001-06-12 18:34:29
Subject: Re: Re: REPLACE INTO table a la mySQL
Previous:From: Darren JohnsonDate: 2001-06-12 18:29:20
Subject: RE: AW: Postgres Replication

pgsql-patches by date

Next:From: Tom LaneDate: 2001-06-12 18:44:08
Subject: Re: Patch to include PAM support...
Previous:From: Tom LaneDate: 2001-06-12 18:23:11
Subject: Re: Patch to include PAM support...

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group