| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Dominic J(dot) Eidson" <sauron(at)the-infinite(dot)org>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: Patch to include PAM support... |
| Date: | 2001-06-12 16:55:04 |
| Message-ID: | 200106121655.f5CGt4320744@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > I know there was concerns about blocking but is that problem any more so
> > than other interfaces we already support?
>
> We don't need to make it worse. We've already had trouble reports about
> postmaster hangups with broken IDENT servers; PAM will hugely expand the
> scope of potential troubles. Can you say "denial of service"?
Does it really? You are saying PAM can make "denial of service" attacks
even easier than ident?
If it is the same risk, I think it is OK, but if it is worse, I see your
point. (I don't know much about PAM except it allows authentication.)
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mathijs Brands | 2001-06-12 17:09:57 | Re: Patch to include PAM support... |
| Previous Message | Bruce Momjian | 2001-06-12 16:52:22 | Re: Australian timezone configure option |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mathijs Brands | 2001-06-12 17:09:57 | Re: Patch to include PAM support... |
| Previous Message | Bruce Momjian | 2001-06-12 16:52:22 | Re: Australian timezone configure option |