| From: | Josh Berkus <josh(at)agliodbs(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, Garick Hamlin <ghamlin(at)isc(dot)upenn(dot)edu>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: [PATCHES] Solaris ident authentication using unix domain sockets |
| Date: | 2008-07-08 16:35:32 |
| Message-ID: | 200807080935.33186.josh@agliodbs.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
Tom,
> Indeed. If the Solaris folk feel that getupeercred() is insecure,
> they had better explain why their kernel is that broken. This is
> entirely unrelated to the known shortcomings of the "ident" IP
> protocol.
The Solaris security & kernel folks do, actually. However, there's no
question that TRUST is inherently insecure, and that's what people are going
to use if they can't get IDENT to work.
--
Josh Berkus
PostgreSQL @ Sun
San Francisco
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zdenek Kotala | 2008-07-08 16:42:55 | Re: [WIP] patch - Collation at database level |
| Previous Message | Michael Paesold | 2008-07-08 16:33:41 | Re: [WIP] patch - Collation at database level |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2008-07-08 17:34:01 | Re: [PATCHES] Solaris ident authentication using unix domain sockets |
| Previous Message | Jaime Casanova | 2008-07-08 16:10:45 | Re: [PATCHES] Extending grant insert on tables to sequences |