Skip site navigation (1) Skip section navigation (2)

Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Magnus Hagander" <mha(at)sollentuna(dot)net>
Cc: "PostgreSQL-patches" <pgsql-patches(at)postgresql(dot)org>
Subject: Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2
Date: 2005-10-08 20:26:19
Message-ID: 467.1128803179@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-patches
BTW, it appears to me that this patch has also broken the claim in the
manual that

	If [krb_server_hostname is] not set, the default is to allow any
	service principal matching an entry in the keytab.

The reason that was true was that we passed a NULL "server" value to
krb5_recvauth(), which with this patch we never do anymore.

I'm not sure if this represents a serious loss of flexibility or not,
but in any case the documentation needs an update.

			regards, tom lane

In response to

Responses

pgsql-patches by date

Next:From: Tom LaneDate: 2005-10-08 21:27:11
Subject: Re: [PATCH] Using pread instead of lseek (with analysis)
Previous:From: Tom LaneDate: 2005-10-08 19:42:49
Subject: Re: [HACKERS] Kerberos brokenness and oops question in 8.1beta2

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group