From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Craig Ringer <craig(at)2ndquadrant(dot)com> |
Cc: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
Subject: | Re: Allow peer/ident to fall back to md5? |
Date: | 2014-10-29 02:45:15 |
Message-ID: | 26114.1414550715@sss.pgh.pa.us |
Lists: | pgsql-hackers |

Craig Ringer <craig(at)2ndquadrant(dot)com> writes:
> At pgconf-eu Álvaro and I were discussing the idea of allowing 'peer'
> and 'ident' authentication to fall back to md5 if the peer/ident check
> failed.

I think it would be acceptable to define *new* auth modes that work
that way. I'm violently against redefining the meaning of existing
pg_hba.conf entries like this: it's not terribly hard to imagine
cases where it'd be a security problem, and even if you claim it isn't,
people will get bent out of shape if they think you're poking holes
in their oh-so-carefully-chosen authentication arrangements.

> If anyone's concerned about that I think it'd be reasonable to
> add an option in pg_hba.conf to allow 'ident' and 'peer' to be qualified
> with a no_md5_fallback mode.

You've got that exactly backwards.

regards, tom lane