Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets - Mailing list pgsql-patches
From | Bruce Momjian |
---|---|
Subject | Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets |
Date | |
Msg-id | 200108190137.f7J1bKS08322@candle.pha.pa.us Whole thread Raw |
In response to | Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets (Tom Lane <tgl@sss.pgh.pa.us>) |
Responses |
Re: Patch: use SCM_CREDS authentication over PF_LOCAL sockets
|
List | pgsql-patches |
> Peter Eisentraut <peter_e@gmx.net> writes: > > Since this patch overwrites the previous SO_PEERCRED patch I assume you > > want it to work on Linux, too. On Linux SCM_CREDS is called > > SCM_CREDENTIALS. > > Overwrite? It looks like an addition to me. I think the #ifdef tests > in ident_unix are in the wrong order, however: we should prefer > SO_PEERCRED if available, since that works with old clients. As written > the postmaster code will select SCM_CREDS if both methods are available, > which is the wrong choice IMHO. Yes, but I mentioned PEERCRED is new in 7.2 and wasn't widely distributed by Debian, so we should decide which we want first. Also, let me mention that this could turn out to be a portability headache. We currently support two SCM_CRED implementations, FreeBSD and BSD/OS, and they are both different. I found: Linux : SO_PEERCRED FreeBSD: SCM_CREDS BSD/OS: SCM_CREDS (different from FreeBSD) NetBSD: LOCAL_CREDS Solaris: Doors from a 1999 message: http://cert.uni-stuttgart.de/archive/bugtraq/1999/01/msg00098.html I also found this mention: BSD/OS, FreeBSD and other BSD derived operating systems also have SCM_CREDS that sends credential information through a UNIX domain socket. [ Ok, someone point me to some standard that documents the semantics. Every BSD camp is doing it differently ":( ] in a 1999 FAQ: http://www.attrition.org/~modify/texts/unix/secure-faq.txt I am slightly concerned that a platform will define SCM_CREDS but not have an interface we support. However, from the list above, it seems we may be safe but not support NetBSD or Solaris versions. FYI, this email states why BSD/OS and FreeBSD are different. The implementor didn't know of the BSD/OS implementation: http://groups.google.com/groups?q=scm_creds+freebsd+bsd/os&hl=en&safe=off&rnum=1&selm=6n5vnk%24p5k%242%40apakabar.cc.columbia.edu I think this is a valuable feature to reduce the need to configure local users as 'trust' or use 'ident' on local tcp/ip sockets. One possible solution would be to enable SCM_CREDS _only_ on BSD/OS and FreeBSD and wait for others to verify it works on their platforms or submit a patch. > > The invocation > > changes to StrNCpy look suspicious; see the comment at StrNCpy in c.h. In > > one place you include errno.h twice. > > These are good points. Removed the duplicate errno. Thanks. I checked the StrNCpy call and I can't see the problem. I wrote the thing. Have I been away from this too long? :-) -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026
pgsql-patches by date: