Re: Kerberos v5 support

From: Garrett Wollman <wollman(at)khavrinen(dot)lcs(dot)mit(dot)edu>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: Kerberos v5 support
Date: 2000-11-06 18:16:48
Message-ID: 200011061816.NAA74145@khavrinen.lcs.mit.edu
Lists: pgsql-patches

<<On Mon, 6 Nov 2000 12:05:01 -0500 (EST), Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> said:

> I have applied some kerberos changes to the current snapshot a few
> months ago. Can you grab that and let me know what you would like
> changed? Thanks.

My code has much better error handling (``Kerberos error %d'' is vile!)
and uses the correct API to determine the client's authenticated
name. My version also checks the IP addresses in the client's ticket
to protect against certain kinds of attacks. On the other hand, the
-current code is configurable with respect to the name of the keytab.
(I don't personally see much value in allowing the keytab name to be
changed at run time, but whatever floats your boat....)

Both versions still sweep the an_to_ln problem under the carpet. This
is a SERIOUS flaw for anyone who needs to operate in an environment
with cross-realm authentication. I don't know the innards of pgsql
well-enough to be able to code the internal table-lookup that would be
necessary to perform proper an_to_ln mapping -- hopefully someone else
out there does.

Since I'm working in a near-production environment, I'm not presently
able to combine my functionality with that provided in pgsql-current.
When it becomes a release, you may well hear back from me.

-GAWollman
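As an added example (not code from this thread or from PostgreSQL), here is a minimal an_to_ln table lookup of the kind the message says is missing: principals in a hypothetical local realm map to their first component, principals from other realms need an explicit entry, and anything else is refused instead of having its realm silently stripped. The realm and user names in the table are constructed for illustration.

```c
/* Added example, not PostgreSQL's or the thread author's code: an explicit
 * an_to_ln (authentication name to local name) mapping table. */
#include <stdio.h>
#include <string.h>

#define LOCAL_REALM "LCS.MIT.EDU"   /* hypothetical realm of this server */

/* Rule: (realm, principal) -> local name. A NULL principal matches every
 * single-component principal in that realm and maps it to itself. */
struct an_to_ln_rule { const char *realm; const char *princ; const char *local; };

static const struct an_to_ln_rule rules[] = {
    { LOCAL_REALM,      NULL,      NULL      }, /* local realm: name as-is */
    { "ATHENA.MIT.EDU", "wollman", "wollman" }, /* cross-realm: listed users only */
    { "ATHENA.MIT.EDU", "bruce",   "pgman"   },
};

/* Map "name@REALM" to a local user name in out (outlen bytes).
 * Returns 1 on success, 0 if there is no mapping; the caller must then
 * reject the connection. Naive realm stripping would turn
 * "postgres@EVIL.EXAMPLE" into "postgres"; this table never does. */
int an_to_ln(const char *principal, char *out, size_t outlen)
{
    const char *at = strrchr(principal, '@');
    if (at == NULL || at == principal || at[1] == '\0')
        return 0;                       /* malformed: missing name or realm */
    size_t nlen = (size_t)(at - principal);
    const char *realm = at + 1;
    if (memchr(principal, '/', nlen) != NULL)
        return 0;                       /* multi-component (e.g. user/admin): never map */
    for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++) {
        if (strcmp(rules[i].realm, realm) != 0)
            continue;
        if (rules[i].princ == NULL) {   /* local realm: copy the first component */
            if (nlen + 1 > outlen) return 0;
            memcpy(out, principal, nlen);
            out[nlen] = '\0';
            return 1;
        }
        if (strlen(rules[i].princ) == nlen && memcmp(rules[i].princ, principal, nlen) == 0) {
            if (strlen(rules[i].local) + 1 > outlen) return 0;
            strcpy(out, rules[i].local);
            return 1;
        }
    }
    return 0;                           /* unknown realm or unlisted principal */
}
```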
