| From: | Josh Berkus <josh(at)agliodbs(dot)com> |
|---|---|
| To: | "Florian G(dot) Pflug" <fgp(at)phlo(dot)org> |
| Cc: | pgsql-hackers(at)postgresql(dot)org, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Robert Treat <xzilla(at)users(dot)sourceforge(dot)net>, Garick Hamlin <ghamlin(at)isc(dot)upenn(dot)edu>, pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: [PATCHES] Solaris ident authentication using unix domain sockets |
| Date: | 2008-07-09 17:55:24 |
| Message-ID: | 4874FB8C.9090701@agliodbs.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pgsql-patches |
Florian,
> I'd be *very* interested in how they come to that assessment. I'd have
> thought that the only alternative to getpeereid/getupeercred is
> password-based or certificate-based authenticated - which seem *less*
> secure because a) they also rely on the client having the correct uid
> or gid (to read the password/private key), plus b) the risk of the
> password/private key getting into the wrong hands.
*shrug* don't ask me. I don't agree with the policy, I can hardly
defend it.
--Josh
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josh Berkus | 2008-07-09 17:58:11 | No answers on CommitFest procedures? |
| Previous Message | Josh Berkus | 2008-07-09 17:51:36 | Re: Identifier case folding notes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Neil Conway | 2008-07-09 18:32:37 | Re: [PATCHES] GIN improvements |
| Previous Message | Zdenek Kotala | 2008-07-09 13:43:59 | Re: page macros cleanup (ver 04) |