Skip site navigation (1) Skip section navigation (2)

Re: [PATCHES] Solaris ident authentication using unix domain sockets

From: Josh Berkus <josh(at)agliodbs(dot)com>
To: "Florian G(dot) Pflug" <fgp(at)phlo(dot)org>
Cc: pgsql-hackers(at)postgresql(dot)org, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, Garick Hamlin <ghamlin(at)isc(dot)upenn(dot)edu>, pgsql-patches(at)postgresql(dot)org
Subject: Re: [PATCHES] Solaris ident authentication using unix domain sockets
Date: 2008-07-09 17:55:24
Message-ID: 4874FB8C.9090701@agliodbs.com (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-patches
Florian,

> I'd be *very* interested in how they come to that assessment. I'd have
> thought that the only alternative to getpeereid/getupeercred is
> password-based or certificate-based authenticated - which seem *less*
> secure because a) they also rely on the client having the correct uid
> or gid (to read the password/private key), plus b) the risk of the
> password/private key getting into the wrong hands.

*shrug* don't ask me.  I don't agree with the policy, I can hardly 
defend it.

--Josh

In response to

pgsql-hackers by date

Next:From: Josh BerkusDate: 2008-07-09 17:58:11
Subject: No answers on CommitFest procedures?
Previous:From: Josh BerkusDate: 2008-07-09 17:51:36
Subject: Re: Identifier case folding notes

pgsql-patches by date

Next:From: Neil ConwayDate: 2008-07-09 18:32:37
Subject: Re: [PATCHES] GIN improvements
Previous:From: Zdenek KotalaDate: 2008-07-09 13:43:59
Subject: Re: page macros cleanup (ver 04)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group