| From: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
|---|---|
| To: | <gsstark(at)mit(dot)edu>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | <pgsql-hackers(at)postgresql(dot)org>, <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] [PATCHES] Removing Kerberos 4 |
| Date: | 2005-06-22 20:24:35 |
| Message-ID: | 6BCB9D8A16AC4241919521715F4D8BCE094556@algol.sollentuna.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
> > Last chance for any Kerberos 4 users to speak up --- otherwise I'll
> > apply this soon.
>
> If you just want someone to test it I can do that. I don't
> actually use it normally though.
I don't think "just testing" is enough - somebody needs to actually
maintain it...
> As far as security issues the only issues I'm aware of is a)
> it uses plain DES which is just a 56 bit key and crackable by
> brute force and b) cross-domain authentication is broken.
Yeah. But it has been declared dead by the Kerberos folks
(http://www.faqs.org/faqs/kerberos-faq/general/section-7.html. And this
document is from 2000, an dit was declared already then)...
//Magnus
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Mitchell | 2005-06-22 20:31:56 | Vacuum advice |
| Previous Message | David Parker | 2005-06-22 20:05:07 | dump/restore bytea fields |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Merlin Moncure | 2005-06-22 20:34:19 | Re: pl/pgsql: END verbosity |
| Previous Message | Greg Stark | 2005-06-22 20:23:02 | Re: commit_delay, siblings |