| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, wollman(at)LCS(dot)MIT(dot)EDU, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets |
| Date: | 2001-08-15 00:54:42 |
| Message-ID: | 200108150054.f7F0shZ01852@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
> Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> >> BTW, current sources already contain support for using
> >> getsockopt(SO_PEERCRED) where available --- AFAIK that's only Linux,
> >> but perhaps that's all you need.
>
> > Is this feature any different from the fake local ident we've put it?
>
> Yes. Wollman's code uses an SCM_CREDS message, which means (a) it will
> work on Solaris and one or two other Unixen, not only Linux; but (b)
> it requires client-side code additions, not only server-side code.
My upcoming MD5 patch will conflict with this anyway. Also, I just found
out that ODBC doesn't even do crypt authentication! Anyway, I will
merge this into current sources. Seems we can add it to ODBC and JDBC
later, just like the MD5 changes.
Is that OK with everyone. Since we have peer with Linux, seems we
should add CRED_ in the same release.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Garrett Wollman | 2001-08-15 01:07:58 | Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets |
| Previous Message | Paul Ramsey | 2001-08-15 00:20:20 | Re: PostGIS spatial extensions |