| From: | Peter Eisentraut <e99re41(at)DoCS(dot)UU(dot)SE> |
|---|---|
| To: | Jan Wieck <wieck(at)debis(dot)com> |
| Cc: | Jim Mercer <jim(at)reptiles(dot)org>, pgsql-general(at)postgresql(dot)org, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [HACKERS] pgsql/php3/apache authentication |
| Date: | 2000-04-28 08:05:31 |
| Message-ID: | Pine.GSO.4.02A.10004281003220.10804-100000@Uggla.DoCS.UU.SE |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
On Thu, 27 Apr 2000, Jan Wieck wrote:
> The default of "local all trust" is something I allways
> considered insecure.
No kidding.
> If we add a permissions field to the local entry, the
> postmaster can chmod() the socket file after creating it (and
> maybe drain out waiting connections that slipped in between
> after a second before accepting the first real one). The
> default hba would then read:
>
> local all trust 0770
> host all 127.0.0.1 255.255.255.255 ident sameuser
I think I like that idea.
--
Peter Eisentraut Sernanders väg 10:115
peter_e(at)gmx(dot)net 75262 Uppsala
http://yi.org/peter-e/ Sweden
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2000-04-28 08:09:25 | Re: [HACKERS] pgsql/php3/apache authentication |
| Previous Message | Titus Brown | 2000-04-28 06:48:03 | "Slow" replication/updates/?? |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2000-04-28 08:09:25 | Re: [HACKERS] pgsql/php3/apache authentication |
| Previous Message | Jan Wieck | 2000-04-28 01:52:37 | Re: Re: [HACKERS] pgsql/php3/apache authentication |