Re: Kerberos as source of user name? (Re: [BUGS] segfault in psql on x86_64)

From: Greg Stark <gsstark(at)mit(dot)edu>
To: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Kerberos as source of user name? (Re: [BUGS] segfault in psql on x86_64)
Date: 2004-02-08 17:14:36
Message-ID: 87ad3tpk77.fsf@stark.xeocode.com
Lists: pgsql-bugs pgsql-hackers

Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> writes:

> Orion Henry <orion(at)trustcommerce(dot)com> writes:
> > It appears to be faulting on a kerberos call which is odd because I
> > don't use kerberos for anything.
>
> I was a bit surprised to realize that if you compile Kerberos support at
> all, libpq will try to get a user name from Kerberos in preference to
> using getpwuid(). This strikes me as odd and surprising behavior.
> There's certainly no security reason for it, since we are only getting
> a default user name that can be trivially overridden.

Harumph. I reported this about a year ago:

http://archives.postgresql.org/pgsql-general/2002-12/msg00740.php

I'm not sure it can be fixed by just not setting the default username though.

In fact I think there's something a little backwards about deciding on a
default username in advance and then trying various authentication methods.

In my case I have a Kerberos principal gsstark(at)ATHENA(dot)MIT(dot)EDU and a local
username of "stark".

It seems like it should try to do the Kerberos authentication as username
"gsstark" (or even "gsstark(at)ATHENA(dot)MIT(dot)EDU" since the realm is significant).
And if that fails, then it should try to log in as "stark" using Unix userid
authentication.

The only fear I have with that direction is that it makes things a bit
unpredictable. I could see it being weird having scripts randomly fail because
they logged in as the wrong user if the tickets happened to have expired or
the network goes down.

--
greg
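
The ordering proposed in the message above, as an added C example (not part of the original e-mail and not libpq code): with a valid ticket the first attempt uses the Kerberos primary name, without one it falls back to the local account name, so the same script connects as a different user. The function and struct names and the method labels are hypothetical; the principal and local user name are the ones quoted in the message.

```c
#include <stdio.h>
#include <string.h>

/* Added illustration, not libpq code; every name here is hypothetical. */
struct candidate { char user[64]; const char *method; };

/* Copy the primary component of "primary[/instance]@REALM" into name.
 * A backslash makes the next character literal. Returns 0 on success. */
int principal_primary(const char *princ, char *name, size_t len)
{
    size_t n = 0;
    int in_instance = 0;
    if (len == 0) return -1;
    for (const char *p = princ; *p != '\0' && *p != '@'; p++) {
        if (*p == '\\' && p[1] != '\0')
            p++;                      /* escaped: take the next char as-is */
        else if (*p == '/')
            in_instance = 1;          /* rest up to '@' is the instance */
        if (in_instance) continue;
        if (n + 1 >= len) return -1;  /* primary name would not fit */
        name[n++] = *p;
    }
    name[n] = '\0';
    return n > 0 ? 0 : -1;
}

/* Ordered (user, method) attempts: Kerberos name first when a ticket
 * exists (principal != NULL), then the local account. Returns the count. */
int login_candidates(const char *principal, const char *local,
                     struct candidate out[2])
{
    int n = 0;
    if (principal != NULL &&
        principal_primary(principal, out[n].user, sizeof out[n].user) == 0)
        out[n++].method = "kerberos";
    snprintf(out[n].user, sizeof out[n].user, "%s", local);
    out[n++].method = "unix-userid";
    return n;
}

int main(void)
{
    /* Constructed inputs: ticket present, then ticket expired or missing. */
    const char *tickets[] = { "gsstark@ATHENA.MIT.EDU", NULL };
    for (int i = 0; i < 2; i++) {
        struct candidate c[2];
        login_candidates(tickets[i], "stark", c);
        printf("ticket=%s -> first attempt as \"%s\" via %s\n",
               tickets[i] ? tickets[i] : "(none)", c[0].user, c[0].method);
    }
    return 0;
}
```

The two runs differ only in whether a ticket is present, yet the first attempted user changes from "gsstark" to "stark", which is the unpredictability the message worries about.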
