Skip site navigation (1) Skip section navigation (2)

Re: [PATCHES] Solaris ident authentication using unix domain sockets

From: Josh Berkus <josh(at)agliodbs(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, Garick Hamlin <ghamlin(at)isc(dot)upenn(dot)edu>, pgsql-patches(at)postgresql(dot)org
Subject: Re: [PATCHES] Solaris ident authentication using unix domain sockets
Date: 2008-07-08 16:35:32
Message-ID: 200807080935.33186.josh@agliodbs.com (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
Tom,

> Indeed.  If the Solaris folk feel that getupeercred() is insecure,
> they had better explain why their kernel is that broken.  This is
> entirely unrelated to the known shortcomings of the "ident" IP
> protocol.

The Solaris security & kernel folks do, actually.  However, there's no 
question that TRUST is inherently insecure, and that's what people are going 
to use if they can't get IDENT to work.

-- 
Josh Berkus
PostgreSQL @ Sun
San Francisco

In response to

Responses

pgsql-hackers by date

Next:From: Zdenek KotalaDate: 2008-07-08 16:42:55
Subject: Re: [WIP] patch - Collation at database level
Previous:From: Michael PaesoldDate: 2008-07-08 16:33:41
Subject: Re: [WIP] patch - Collation at database level

pgsql-patches by date

Next:From: Andrew DunstanDate: 2008-07-08 17:34:01
Subject: Re: [PATCHES] Solaris ident authentication using unix domain sockets
Previous:From: Jaime CasanovaDate: 2008-07-08 16:10:45
Subject: Re: [PATCHES] Extending grant insert on tables to sequences

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group