Robert Bihlmeyer wrote:
>> The upstream developers are not friendly to non-portable features; I
>> might be able to get it added under a config option.
>
>Thought so. My selling point is that this feature is completely
>optional: if it is compiled in, you're allowed to use a new authtype
"Oliver Elphick" writes:
> The upstream developers are not friendly to non-portable features; I
> might be able to get it added under a config option.
Thought so. My selling point is that this feature is completely
optional: if it is compiled in, you're allowed to use a new authtype
"peer" (or s
> "Oliver" == Oliver Elphick writes:
Oliver> It is indeed the case that ident is needed to allow local
Oliver> access without a password. I understand that this
Oliver> presents a small security risk on the server. However,
Oliver> without it, it is necessary for the postgre
On Mon, 30 Apr 2001, Oliver Elphick wrote:
>>This works for Unix sockets under Linux 2.2 and Linux 2.4, at least. I don't
>>know how portable the interface is beyond that, and lack of portability might
>>prevent upstream from adopting it. It would be interesting to see this as an
>>option for De
Robert Bihlmeyer wrote:
>That's not true for Linux 2.[24].x at least. One can use
>getsockopt(..., SO_PEERCRED, ...) to get the uid of the other end.
>
>It would be nice if you could request that as an upstream feature.
The upstream developers are not friendly to non-portable features; I
"Oliver Elphick" writes:
> It is indeed the case that ident is needed to allow local access without
> a password. I understand that this presents a small security risk on the
> server.
I think README.Debian or somesuch should tell why ident is necessary,
and perhaps also how one can restrict id
Steve Langasek wrote:
>> In case anyone should ask why the server cannot authenticate directly,
>> communication between front- and back-ends is done through a Unix socket
>> and therefore it is not possible for the back-end to know the identity
>> of the user at the front-end. The only op
On Mon, 30 Apr 2001, Oliver Elphick wrote:
> Robert Bihlmeyer wrote:
> >Package: libpgsql2.1
> >Version: 7.1release-2
> >Severity: normal
> >identds are considered mild privacy/security risks, therefore I don't
> >think libpgsql2.1 and postgresql-client[1] should depend on
> >ident-se
Robert Bihlmeyer wrote:
>Package: libpgsql2.1
>Version: 7.1release-2
>Severity: normal
>
>identds are considered mild privacy/security risks, therefore I don't
>think libpgsql2.1 and postgresql-client[1] should depend on
>ident-server.
>
>The main use seems to be to allow local co
9 matches
Mail list logo
