Home > mailing lists

Re: [PATCHES] Solaris ident authentication using unix domain sockets - Mailing list pgsql-hackers

From	Josh Berkus
Subject	Re: [PATCHES] Solaris ident authentication using unix domain sockets
Date	July 8, 2008 16:35:56
Msg-id	200807080935.33186.josh@agliodbs.com Whole thread Raw
In response to	Re: [PATCHES] Solaris ident authentication using unix domain sockets (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: [PATCHES] Solaris ident authentication using unix domain sockets (Andrew Dunstan <andrew@dunslane.net>) Re: [PATCHES] Solaris ident authentication using unix domain sockets ("Florian G. Pflug" <fgp@phlo.org>)
List	pgsql-hackers

Tree view

Tom,

> Indeed.  If the Solaris folk feel that getupeercred() is insecure,
> they had better explain why their kernel is that broken.  This is
> entirely unrelated to the known shortcomings of the "ident" IP
> protocol.

The Solaris security & kernel folks do, actually.  However, there's no
question that TRUST is inherently insecure, and that's what people are going
to use if they can't get IDENT to work.

--
Josh Berkus
PostgreSQL @ Sun
San Francisco

pgsql-hackers by date:

From: Michael Paesold
Date: 08 July 2008, 16:33:53
Subject: Re: [WIP] patch - Collation at database level

From: Josh Berkus
Date: 08 July 2008, 16:58:47
Subject: Re: Proposal of SE-PostgreSQL patches [try#2]

Re: [PATCHES] Solaris ident authentication using unix domain sockets - Mailing list pgsql-hackers

Previous

Next