Skip site navigation (1) Skip section navigation (2)

Re: Add another AUTHTYPE for UNIX-domain connections

From: Anton Berezin <tobez(at)tobez(dot)org>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: Add another AUTHTYPE for UNIX-domain connections
Date: 2001-12-03 01:29:22
Message-ID: 20011203022922.B42199@heechee.tobez.org (view raw or flat)
Thread:
Lists: pgsql-patches
On Sun, Dec 02, 2001 at 08:25:48PM -0500, Tom Lane wrote:
> Anton Berezin <tobez(at)tobez(dot)org> writes:
> > On some platforms, it is possible to reliably determine the effective
> > credentials of a UNIX-domain peer.
> 
> Umm ... I think this is in 7.2 already, although not using getpeereid.

Oops.  :-)
> 
> Anyone have an idea whether there are platforms that have getpeereid but
> not SO_PEERCRED or SCM_CREDS?  If so it might be worth adding getpeereid
> as an alternate implementation in ident_unix().

Yes.  From FreeBSD's getpeereid(2) manpage:

IMPLEMENTATION NOTES
	On FreeBSD, getpeereid() is implemented in terms of the
	LOCAL_PEERCRED unix(4) socket option.

Cheers,
+Anton.
-- 
| Anton Berezin                |      FreeBSD: The power to serve |
| catpipe Systems ApS   _ _ |_ |           http://www.FreeBSD.org |
| tobez(at)catpipe(dot)net    (_(_||  |                tobez(at)FreeBSD(dot)org | 
| +45 7021 0050                |         Private: tobez(at)tobez(dot)org |

In response to

Responses

pgsql-patches by date

Next:From: Tom LaneDate: 2001-12-03 01:44:11
Subject: Re: Add another AUTHTYPE for UNIX-domain connections
Previous:From: Tom LaneDate: 2001-12-03 01:25:48
Subject: Re: Add another AUTHTYPE for UNIX-domain connections

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group