From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
Cc: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Volker Aßmann <volker(dot)assmann(at)gmail(dot)com>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Disabling trust/ident authentication configure option |
Date: | 2015-05-06 20:28:43 |
Message-ID: | 554A797B.1010101@dunslane.net |
Lists: | pgsql-hackers |

On 05/06/2015 04:19 PM, Robert Haas wrote:
> On Wed, May 6, 2015 at 3:57 PM, Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
>> I don't necessarily object to this idea, but I do think we need to ensure
>> that we don't allow both trust and peer to be disabled (which means on
>> Windows you would not be able to disable trust). Otherwise this becomes a
>> footgun which would require the whole server to be stopped so you could
>> connect in single user mode to correct certain mistakes, which are
>> unfortunately all too common.
> Of course that's precisely what the OP wanted to do, which goes to my
> point that not everybody's going to want the same thing.
>

If that is indeed the proposal, then I vote no.

But he did say upthread:

> Single user sessions would work, but the "peer" authentication is also
> still available and should be the preferred method to reset passwords
> when trust is disabled, so this should not be an issue.

(Personally I think there's a very good case for completely ripping out
RFC1413 ident auth. I've not seen it used in a great long while, and
it's always been a security risk.)

cheers

andrew