| From: | Anton Berezin <tobez(at)tobez(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: Add another AUTHTYPE for UNIX-domain connections |
| Date: | 2001-12-03 01:29:22 |
| Message-ID: | 20011203022922.B42199@heechee.tobez.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
On Sun, Dec 02, 2001 at 08:25:48PM -0500, Tom Lane wrote:
> Anton Berezin <tobez(at)tobez(dot)org> writes:
> > On some platforms, it is possible to reliably determine the effective
> > credentials of a UNIX-domain peer.
>
> Umm ... I think this is in 7.2 already, although not using getpeereid.
Oops. :-)
>
> Anyone have an idea whether there are platforms that have getpeereid but
> not SO_PEERCRED or SCM_CREDS? If so it might be worth adding getpeereid
> as an alternate implementation in ident_unix().
Yes. From FreeBSD's getpeereid(2) manpage:
IMPLEMENTATION NOTES
On FreeBSD, getpeereid() is implemented in terms of the
LOCAL_PEERCRED unix(4) socket option.
Cheers,
+Anton.
--
| Anton Berezin | FreeBSD: The power to serve |
| catpipe Systems ApS _ _ |_ | http://www.FreeBSD.org |
| tobez(at)catpipe(dot)net (_(_|| | tobez(at)FreeBSD(dot)org |
| +45 7021 0050 | Private: tobez(at)tobez(dot)org |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2001-12-03 01:44:11 | Re: Add another AUTHTYPE for UNIX-domain connections |
| Previous Message | Tom Lane | 2001-12-03 01:25:48 | Re: Add another AUTHTYPE for UNIX-domain connections |