Home > mailing lists

Re: Preliminary GSSAPI Patches - Mailing list pgsql-patches

From	Tom Lane
Subject	Re: Preliminary GSSAPI Patches
Date	October 10, 2007 17:08:04
Msg-id	19293.1192035992@sss.pgh.pa.us Whole thread Raw
In response to	Re: Preliminary GSSAPI Patches ("Henry B. Hotz" <hbhotz@oxy.edu>)
Responses	Re: Preliminary GSSAPI Patches
List	pgsql-patches

Tree view

"Henry B. Hotz" <hbhotz@oxy.edu> writes:
> You know, I don't know what I was thinking when I sent this.  My
> apologies for the late correction.
>
> Anyone who has a copy of the "host" keys for a machine can
> manufacture kerberos tickets for the "host" service on that machine
> masquerading as absolutely anyone (including people who don't
> exist).  Same for the "postgres" keys, and if the postgres server can
> steal the host keys (or vice versa) then it's even worse.
> [snip...]

Maybe I'm too dense, but I don't see a conclusion here.  Do we need to
change our code, our docs, both, or neither?

            regards, tom lane

pgsql-patches by date:

From: Tom Lane
Date: 10 October 2007, 13:33:53
Subject: Re: Preliminary patch for tsearch example dictionaries/parsers in contrib

From: Magnus Hagander
Date: 10 October 2007, 17:53:35
Subject: Re: Preliminary GSSAPI Patches

Re: Preliminary GSSAPI Patches - Mailing list pgsql-patches

Previous

Next