| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: server authentication over Unix-domain sockets |
| Date: | 2010-06-11 12:07:26 |
| Message-ID: | 20100611120726.GP21875@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Peter Eisentraut (peter_e(at)gmx(dot)net) wrote:
> The patch needs some portability work and possible refactoring because
> of that, but before I embark on that, comments on the concept?
I definitely like the idea but I dislike requiring the user to do
something to implement it. Thinking about how packagers might want to
use it, could we make it possible to build it defaulted to a specific
value (eg: 'postgres' on Debian) and allow users a way to override
and/or unset it?
Having the option wouldn't do much unless users know of it and use it
and it strikes that will very often not be the case.
I'm impartial towards whatever PG wants to do with the default, just so
long as packagers can override it and set it to something specific.
Also, to that end, it's got to be name-based. Exim in Debian did
something similar and actually tried to force a particular UID.. that
was horrid. :) On Debian, at least, the user is almost always
'postgres', but the UID will vary depending on exactly when the packages
were installed (before or after other system-user-creating packages).
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2010-06-11 12:08:59 | Re: server authentication over Unix-domain sockets |
| Previous Message | Peter Eisentraut | 2010-06-11 12:07:08 | Re: Functional dependencies and GROUP BY |