From: | Alex Pilosov <alex(at)pilosoft(dot)com> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | Andreas Tille <tillea(at)rki(dot)de>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Re: Red Hat to support PostgreSQL |
Date: | 2001-06-28 17:14:37 |
Message-ID: | Pine.BSO.4.10.10106281250521.598-100000@spider.pilosoft.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Thu, 28 Jun 2001, Bruce Momjian wrote:
> > On Wed, 27 Jun 2001, Bruce Momjian wrote:
> >
> > > pg_hba.conf option on Debian called "peer" recently. We don't have such
> > > an option and it was never submitted to us a a patch.
> > >From 7usr/share/doc/postgresql/README.Debian.gz:
> > 6. Unix socket authentication is provided (authentication type "peer").
> > This works just like ident, but for Unix sockets; this provides a more
> > secure method of authentication than ident, and does not require
> > administrators to run identd on their servers. This authentication
> > method has been submitted to the upstream developers, but is not
> > currently part of the upstream release.
> >
> > I don?t know if the Debian maintainer has it submitted but I trust him
> > if he writes it in the relevant document.
>
> Again, PostgreSQL topic...
>
> Hmm, that is interesting. My guess is that we couldn't accept it
> because most OS's can't do authentication on Unix-domain sockets. It
> must have been long ago because I don't remember it. Peer is a nice
> feature, though, and it would be nice if we could support it everywhere.
> I don't like our 'trust' method. Too open.
True. Only linux 2.2+ supports that. I think Solaris supports that too.
FreeBSD 4.3 does not support that.
See following for more info:
http://cr.yp.to/docs/secureipc.html
http://www.superscript.com/ucspi-ipc/intro.html
From | Date | Subject | |
---|---|---|---|
Next Message | Vivek Khera | 2001-06-28 17:25:04 | Re: Red Hat to support PostgreSQL |
Previous Message | Bruce Momjian | 2001-06-28 17:12:17 | Re: Repeated messages (was Re: Suggested improvement : Adjust SEQUENCES) |